Analyse score: 0 / 14
No antivirus vendors flagged this file as malicious

CRC32 | 0xcea27ab9 |
---|---|
MD5 | f7ccf1652921b5d58b284887cd0b07e0 |
Magic | JSON data |
SHA1 | 6dad3ccdd07a21e170e27fb980d0cb46d46d6036 |
SHA256 | 2ad3e640e4275d8ef602ff6506fa246ae5cc9a20c959093084dd6effe1687da9 |
SHA512 | 14c0c9644c889da5df754e7a8b20f040b280ea2240127d17a6bd170504076ced0fa2d6c5e8489025cae8d5fc1062945cb2c9457bf750e0b70edecef6803d4eca |
SSDeep | 96:I9uD9ufyd9ul9uz+8IJK8IyBZ8Iv8IV1oIIQPuIXYBAIXnIIQ+uRVIIQaS8IE8II:GK5nuWFqRxo5KGjDWAkvKoXArSQd |
Size | 4.62KB |
Packer | |
TrID | |

Body | Привет |
---|---|
ExifToolVersionNumber | 12.62 |
FileSize | 4.7 kB |
FileType | JSON |
FileTypeExtension | json |
From | cybergangster@q3mcco35auwcstmt.onion |
MimeType | application/json |
To | derek@q3mcco35auwcstmt.onion |
Published | Name | Source | Country |
---|---|---|---|
185.25.51.173-20220122.json | web | EE |

Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious | Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational | C2 | Behavior |
Deletes itself after process termination | suspicious | Stealth | Behavior |
Write a file to the startup folder | suspicious | Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious | Signature | Yara |