File 3026f8b35b2d1105736da7067c742889eb0e27e7b9478c94ddece9c0cc19a12e Summary
Like

Analyse score

1 / 14

1 antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

Basic properties

CRC32

0xa7a4ba62

MD5

5bfba2f01966da742ed2b6ce275c57ee

Magic

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows

SHA1

4ac1b782c186d23bd2c20bee12d1f020d968a108

SHA256

3026f8b35b2d1105736da7067c742889eb0e27e7b9478c94ddece9c0cc19a12e

SHA512

d2a4ca593e5ec04e8074385a4bd24602c3f75d20b4844bf4dfa67ee6ead329cb44cfcd307f054c03f1d3dd79a9a02e68c99e99f633f6014bc73df29185f73b8c

SSDeep

384:RnmF1CtxDDsySfr1HkHCwlJCWgo6P8XXGwtPQn+KcQaid4MLRIYT4:RnmUxDDsyOr1HkiwSWgod7t79QhzeYT4

Size

44.48KB

Packer
  • PE+(64): linker: unknown(2.40)[EXE64,console]
TrID
  • 41.1% (.EXE) Microsoft Visual C++ compiled executable (generic) (16529/12/5)
  • 26.1% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 12.5% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 5.1% (.ICL) Windows Icons Library (generic) (2059/9)
  • 5.0% (.EXE) OS/2 Executable (generic) (2029/13)
Tags

ExifTool File Metadata

CodeSize

8.00KB

EntryPoint

0x1125

ExifToolVersionNumber

12.62

FileSize

46 kB

FileType

Win64 EXE

FileTypeExtension

exe

ImageFileCharacteristics

Executable, No line numbers, Large address aware, No debug

ImageVersion

0.0

InitializedDataSize

18.00KB

LinkerVersion

2.40

MachineType

AMD AMD64

MimeType

application/octet-stream

OsVersion

4.0

PeType

PE32+

Subsystem

Windows command line

SubsystemVersion

5.2

UninitializedDataSize

512

Show all

Submissions

Published Name Source Country
untitled.exe web DE

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!