Analyse score
No antivirus venders flagged
this file as malicious
Signature
Signed file, invalid signature
Last scanned
First submission
File type
sys
No antivirus venders flagged
this file as malicious
Signed file, invalid signature
sys
CRC32 | 0x55b00099 |
---|---|
MD5 | cb72bef6ce55aa7c9e3a09bd105dca33 |
Magic | PE32+ executable (DLL) (GUI) x86-64, for MS Windows |
SHA1 | d48336e1c8215ccf71a758f2ff7e5913342ea229 |
SHA256 | 47ffdbd85438891b7963408ea26151ba26ae1b303bbdab3a55f0f11056085893 |
SHA512 | c89eebcf43196f8660eee19ca41cc60c2a00d93f4b3bf118fe7a0deccb3f831cac0db04b2f0c5590fa8d388eb1877a3706ba0d58c7a4e38507c6e64cfd6a50a0 |
SSDeep | 24576:LCfhbh3v3mtZDiAQeWj26k41ob2nrZ1rqpegQDJqoZtp22GkmgA9u808jQPEdkr1:LCfhbh3v3mtEAQrW41obCraeRhy9ou6r |
Size | 1.44MB |
Packer |
|
TrID |
|
Tags |
CharacterSet | Unicode |
---|---|
CodeSize | 1.12MB |
CompanyName | Microsoft(r) Corporation |
EntryPoint | 0x10ce10 |
ExifToolVersionNumber | 12.64 |
FileDescription | DirectX IL for Redistribution |
FileFlags | (none) |
FileFlagsMask | 0x0000 |
FileOs | Unknown (0) |
FileSize | 1508 kB |
FileSubtype | 0 |
Published | Name | Source | Country |
---|---|---|---|
dxil.dll | web | DE |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!