Analyse score
5 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
5 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0x4735bbb3 |
---|---|
MD5 | fb0eae8957668ce35168178db5a45d32 |
Magic | PE32 executable (GUI) Intel 80386, for MS Windows |
SHA1 | 4ef5466771dc7eb760a91464147da80ad57aa013 |
SHA256 | 49d54d5c83609ba0f5dd558de757f8704c1e806dfa241aefe07a2be7d3c833cd |
SHA512 | 15292d90a0bff31ebb25eaad1324e1b05eb92e8ec809086b701b2f16c58545cad21117777bf20d7df82029d233fd60d32f2aeaf80d3a61f774ce0d8b511a537d |
SSDeep | 98304:PvDsbsk3XwnAsZq3/tFq+Kn1qwOyQJRwIl:nD4gGq+K1qwOhSC |
Size | 7.68MB |
Packer |
|
TrID |
|
Tags |
CodeSize | 4.72MB |
---|---|
EntryPoint | 0x5c630 |
ExifToolVersionNumber | 12.64 |
FileSize | 8.1 MB |
FileType | Win32 EXE |
FileTypeExtension | exe |
ImageFileCharacteristics | Executable, 32-bit |
ImageVersion | 1.0 |
InitializedDataSize | 173.50KB |
LinkerVersion | 14.2 |
MachineType | Intel 386 or later, and compatibles |
Published | Name | Source | Country |
---|---|---|---|
49d54d5c83609ba0f5dd558de757f8704c1e806dfa241aefe07a2be7d3c833cd | web | MA |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!