Analyse score
0
/ 14
No antivirus venders flagged
this file as malicious
Last scanned
First submission
File type
tar
tar
No antivirus venders flagged
this file as malicious
tar
CRC32 | 0x5047f87a |
---|---|
MD5 | a00a167e861ba8f5ddef9914ca52142d |
Magic | POSIX tar archive |
SHA1 | 55ce7ed11f16c51ec867755d090ae80729b182f0 |
SHA256 | 3fda109956e18ace04fb382f3eda898b4d4fd9f89e1778ed55e6b7864eeef0a5 |
SHA512 | 3094a09a085562dcccf2e6d212cdc3572357d9c48189c3a91d65ef6b6f1c26f0ad860321b32c4aa6bc13db6270f7bb063bb017b9f2622eaf350645f579629b4f |
SSDeep | 1536:ruqRF6gSv6QtiMLOm6hkKcHqDdAnTKaQAUsKspd81cI:ruQkzykch9GqpAnGTsddx |
Size | 70.50KB |
Packer |
|
TrID |
|
ExifToolVersionNumber | 12.64 |
---|---|
FileSize | 72 kB |
FileType | TAR |
FileTypeExtension | tar |
MimeType | application/x-tar |
Warning | Unsupported file type |
Published | Name | Source | Country |
---|---|---|---|
spec-5.3.4.gem | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!