Analyse score
5 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
5 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0x28a990fb |
---|---|
MD5 | 339c0fda5f8987c4f863255bccc31633 |
Magic | PE32 executable (GUI) Intel 80386, for MS Windows |
SHA1 | 13b7692500cd3d634420b623a0e98f760b9f2c60 |
SHA256 | 37d1afaecbafbc2212c3a6cfa5891a0c2a8e37796049edfdff9c377c26f636e4 |
SHA512 | 4f70a5a3fe2f7f0846691f85c85c85121ea4e71dfa5e75a9b799de0f3a2718c49f70c7600679b8f63bef5463019d0c7414660e139e9bad07fbf978b5afd420e8 |
SSDeep | 49152:m/72W+uYzojABtlevjL5tj112jGLF2eoRdDyLI3QAhJyo8u/s3B1rL1m2Ovf6SCf:82HyABtljJyR3/1JF/IMUXi/o1cpS7Wv |
Size | 2.62MB |
Packer |
|
TrID |
|
Tags |
CodeSize | 1.62MB |
---|---|
EntryPoint | 0xdf83a |
ExifToolVersionNumber | 12.64 |
FileSize | 2.7 MB |
FileType | Win32 EXE |
FileTypeExtension | exe |
ImageFileCharacteristics | No relocs, Executable, 32-bit |
ImageVersion | 0.0 |
InitializedDataSize | 1022.00KB |
LinkerVersion | 14.14 |
MachineType | Intel 386 or later, and compatibles |
Published | Name | Source | Country |
---|---|---|---|
Keygen.exe | web | US |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!