File 22f0391663a1b10a2b829554077362ae0efa5bb4c1835dbe4feb565377adba0f Summary

Analyse score

2 / 14

2 antivirus venders flagged
this file as malicious

Last scanned

First submission

Basic properties

CRC32

0x6c2f76b1

MD5

0e565254271e273cd79ba02699789776

Magic

ELF 32-bit LSB executable, ARM, version 1 (ARM), statically linked, stripped

SHA1

11037d778aee6ff7059d41298b4235c0c4f77992

SHA256

22f0391663a1b10a2b829554077362ae0efa5bb4c1835dbe4feb565377adba0f

SHA512

f9a3e28b1ee3c78f7b83299075902d5328c20624d6ab4cb1962a8816e08c75382c231a755c51309c6cc7f3dfca016a6c595872f2042e77b859a32bc9b3d6c29c

SSDeep

1536:tqFI7oqvHphTtMHQZ0y+Az/MsiVUK49kzTgMaNGGKo:tqFI7oAUiMsiV7DhaN7

Size

61.89KB

Packer
  • ELF: Nothing found
TrID
  • 50.1% (.) ELF Executable and Linkable format (Linux) (4022/12)
  • 49.8% (.O) ELF Executable and Linkable format (generic) (4000/1)
Tags

ExifTool File Metadata

CpuArchitecture

32 bit

CpuByteOrder

Little endian

CpuType

Unknown (40)

ExifToolVersionNumber

12.64

FileSize

63 kB

FileType

ELF executable

FileTypeExtension

MimeType

application/octet-stream

ObjectFileType

Executable file

Submissions

Published Name Source Country
darka5 web undefined

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!