File 2708fa4be80bcfe57d5fec7849a32e28063621ce03fa43e57ea7444a8c14ae8d Summary
Like

Analyse score

0 / 14

No antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

Basic properties

CRC32

0xf26a988e

MD5

3d3b3b1c532103be1a1076c7dcfd89b9

Magic

PE32 executable (GUI) Intel 80386, for MS Windows

SHA1

4a5f56a92e0f842fa8510ab9ac3ee344e616a6e6

SHA256

2708fa4be80bcfe57d5fec7849a32e28063621ce03fa43e57ea7444a8c14ae8d

SHA512

8f72ff995195a6584920042edff7cc978185501ac94a599bf1399be2e773af80e30cecb1b25c78f599977a4ea61c707249cdad43d09d53c6dfcf1d90ade129d4

SSDeep

49152:0BuZrEUfZvilpcfBpyamiRW3bswwjPEHRoxGrToWxegtEM5CWgaw:KkLfZAaAaFRGsX4RKIBecEM5Cb5

Size

3.02MB

Packer
  • PE: installer: Inno Setup Module(6.1.0)[unicode]
  • PE: compiler: Embarcadero Delphi(10.3 Rio)[-]
  • PE: linker: Turbo Linker(2.25*,Delphi)[EXE32]
  • PE: overlay: Inno Setup Installer data(-)[-]
TrID
  • 59.6% (.EXE) Inno Setup installer (109740/4/30)
  • 22.5% (.EXE) Win32 EXE PECompact compressed (generic) (41569/9/9)
  • 5.7% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 3.5% (.DLL) Win32 Dynamic Link Library (generic) (6578/25/2)
  • 2.4% (.EXE) Win32 Executable (generic) (4505/5/1)
Tags

ExifTool File Metadata

CharacterSet

Unicode

CodeSize

724.50KB

Comments

This installation was built with Inno Setup.

CompanyName

UVE solutions

EntryPoint

0xb5eec

ExifToolVersionNumber

12.62

FileDescription

UVEClient Setup

FileFlags

(none)

FileFlagsMask

0x003f

FileOs

Win32

FileSize

3.2 MB

FileSubtype

0

FileType

Win32 EXE

FileTypeExtension

exe

FileVersion

FileVersionNumber

0.0.0.0

ImageFileCharacteristics

No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

ImageVersion

6.0

InitializedDataSize

53.50KB

LanguageCode

Neutral

LegalCopyright

LinkerVersion

2.25

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

ObjectFileType

Executable application

OriginalFileName

OsVersion

6.1

PeType

PE32

ProductName

UVEClient

ProductVersion

1.1.0.28

ProductVersionNumber

0.0.0.0

Subsystem

Windows GUI

SubsystemVersion

6.1

UninitializedDataSize

0

Show all

Submissions

Published Name Source Country
setup.exe web LB

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!