Analyse score
0
/ 14
No antivirus venders flagged
this file as malicious
No antivirus venders flagged
this file as malicious
CRC32 | 0xf639bd50 |
---|---|
MD5 | 4b2594e34b8fed4dc0cf8835dbc39921 |
Magic | data |
SHA1 | ca1d6f469cf1e19ef6a05529de1da092f1e103fc |
SHA256 | 56a8b1316bfba9eb14cfa60bdce74f8636a3e2eff5f52dccd9349b88650926d1 |
SHA512 | 10532040b65e1c837be16d1c702aaa7e7aa5b94270c71bde4915be295e1f927a046981ef61640f9b70fc05e0b44e94d8b34ffc3c4024acb04e6757d000e53e93 |
SSDeep | 3072:6Cy6Zh5Dkj44mJDrUE9FpxHbBswylsmZ0veHXIiLhIBIBOitkx/8GsX54b4LWLWM:65O5DHBlAE9FNs9lsmZ0QIiOOBNkx/8+ |
Size | 180.00KB |
Packer |
|
TrID |
|
Published | Name | Source | Country |
---|---|---|---|
FannyWorm_9120C2A26E1F4DC362CA338B8E014B20 | web | EE |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!