File 2ad3e640e4275d8ef602ff6506fa246ae5cc9a20c959093084dd6effe1687da9 Summary

0 / 14

No antivirus venders flagged
this file as malicious

Last scanned

6 months ago

First submission

6 months ago

Basic properties

CRC32	0xcea27ab9
MD5	f7ccf1652921b5d58b284887cd0b07e0
Magic	JSON data
SHA1	6dad3ccdd07a21e170e27fb980d0cb46d46d6036
SHA256	2ad3e640e4275d8ef602ff6506fa246ae5cc9a20c959093084dd6effe1687da9
SHA512	14c0c9644c889da5df754e7a8b20f040b280ea2240127d17a6bd170504076ced0fa2d6c5e8489025cae8d5fc1062945cb2c9457bf750e0b70edecef6803d4eca
SSDeep	96:I9uD9ufyd9ul9uz+8IJK8IyBZ8Iv8IV1oIIQPuIXYBAIXnIIQ+uRVIIQaS8IE8II:GK5nuWFqRxo5KGjDWAkvKoXArSQd
Size	4.62KB
Packer	Text: format: plain text[LF]
TrID	Unknown!

ExifTool File Metadata

Body	Привет
ExifToolVersionNumber	12.62
FileSize	4.7 kB
FileType	JSON
FileTypeExtension	json
From	cybergangster@q3mcco35auwcstmt.onion
MimeType	application/json
To	derek@q3mcco35auwcstmt.onion

Submissions

Published	Name	Source	Country
2023-10-20 16:18:45	185.25.51.173-20220122.json	web	EE

Indicators

Description	Severity	Category	Module
Malware detection of a yara signature: Win32/WannaCry	malicious	Sandbox Detection	Behavior
Communicates over HTTP with a low reputation domain	informational	C2	Behavior
Deletes itself after process termination	suspicious	Stealth	Behavior
Write a file to the startup folder	suspicious	Persistence	Behavior
Check for the existence of Virtual Machines	suspicious	Signature	Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!