Analyse score
0
/ 14
No antivirus venders flagged
this file as malicious
Last scanned
First submission
File type
js
js
No antivirus venders flagged
this file as malicious
js
CRC32 | 0xd3ceee28 |
---|---|
MD5 | 43b8251355fe3ebd4cc2542377238d0c |
Magic | exported SGML document, ASCII text, with very long lines, with CRLF line terminators |
SHA1 | 9f621f0b8d75b7055ea6ec97aba5d6a19c83c7d3 |
SHA256 | 4345e0250f5ad885e02f50308ef1f682b3ebdf2e6233e112dd76a7a717c0a5b5 |
SHA512 | acac47b8809331e898e67f296ba148acbb3fbea1b0f553a756bde86061882e7d7c606038199fa95175b200fab672b6a95fd84df5ed5382fa55d4d1c9e4452cdf |
SSDeep | 3072:OMDhLrd0e83KOKR2KOkRWmKOkcW+ZGopF0KZC/:fFT4 |
Size | 241.93KB |
Packer |
|
TrID |
|
ExifToolVersionNumber | 12.64 |
---|---|
FileSize | 248 kB |
FileType | TXT |
FileTypeExtension | txt |
LineCount | 2542 |
MimeEncoding | us-ascii |
MimeType | text/plain |
Newlines | Windows CRLF |
WordCount | 10371 |
Published | Name | Source | Country |
---|---|---|---|
sysmonconfig.xml | web | IR |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!