File 37d1afaecbafbc2212c3a6cfa5891a0c2a8e37796049edfdff9c377c26f636e4 Summary

Analysis score

5 / 14

5 antivirus vendors flagged this file as malicious

Signature

File is not signed

Last scanned

First submission

File type

exe

Basic properties

CRC32

0x28a990fb

MD5

339c0fda5f8987c4f863255bccc31633

Magic

PE32 executable (GUI) Intel 80386, for MS Windows

SHA1

13b7692500cd3d634420b623a0e98f760b9f2c60

SHA256

37d1afaecbafbc2212c3a6cfa5891a0c2a8e37796049edfdff9c377c26f636e4

SHA512

4f70a5a3fe2f7f0846691f85c85c85121ea4e71dfa5e75a9b799de0f3a2718c49f70c7600679b8f63bef5463019d0c7414660e139e9bad07fbf978b5afd420e8

SSDeep

49152:m/72W+uYzojABtlevjL5tj112jGLF2eoRdDyLI3QAhJyo8u/s3B1rL1m2Ovf6SCf:82HyABtljJyR3/1JF/IMUXi/o1cpS7Wv

Size

2.62MB

Packer
  • PE: compiler: Microsoft Visual C/C++(2017 v.15.7)[-]
  • PE: linker: Microsoft Linker(14.14, Visual Studio 2017 15.7*)[EXE32]
TrID
  • 40.3% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 19.3% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 17.2% (.EXE) Win32 Executable (generic) (4505/5/1)
  • 7.7% (.EXE) OS/2 Executable (generic) (2029/13)
  • 7.6% (.EXE) Generic Win/DOS Executable (2002/3)
Tags

ExifTool File Metadata

CodeSize

1.62MB

EntryPoint

0xdf83a

ExifToolVersionNumber

12.64

FileSize

2.7 MB

FileType

Win32 EXE

FileTypeExtension

exe

ImageFileCharacteristics

No relocs, Executable, 32-bit

ImageVersion

0.0

InitializedDataSize

1022.00KB

LinkerVersion

14.14

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

OsVersion

6.0

PeType

PE32

Subsystem

Windows GUI

SubsystemVersion

6.0

UninitializedDataSize

0

Submissions

Published Name | Source | Country
Keygen.exe | web | US

Indicators

Description | Severity | Category | Module
Malware detection of a yara signature: Win32/WannaCry | malicious | Sandbox Detection | Behavior
Communicates over HTTP with a low reputation domain | informational | C2 | Behavior
Deletes itself after process termination | suspicious | Stealth | Behavior
Write a file to the startup folder | suspicious | Persistence | Behavior
Check for the existence of Virtual Machines | suspicious | Signature | Yara
