Analyse score
9 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
9 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0xee49887e |
---|---|
MD5 | 4b3cb5fa27ecd7e789169ddd479b4639 |
Magic | PE32 executable (GUI) Intel 80386, for MS Windows |
SHA1 | 5f85c9e51cb55edc370709cf84b65f562983b34f |
SHA256 | 58b85da914d473c278f9a5f857920087a5405c5a1abb1292934772152dce7eca |
SHA512 | 0c1f8b96be7d0cee6382608042686b41207246b9d1487446ea8cdcc6ff97410dcf152cda9eb1f748607c2a142806fc7edc3dfad7d0e94c51b476e8f9f37643e0 |
SSDeep | 24576:kJQuZwGk+UWwKl2mc5mcKIwmjcCWO0LOBKqzOvJf:vuZZk+UFUD43ljcVX |
Size | 1.20MB |
Packer |
|
TrID |
|
Tags |
CodeSize | 344.50KB |
---|---|
EntryPoint | 0x19fea |
ExifToolVersionNumber | 12.44 |
FileSize | 1258 kB |
FileType | Win32 EXE |
FileTypeExtension | exe |
ImageFileCharacteristics | Executable, 32-bit |
ImageVersion | 5.1 |
InitializedDataSize | 889.50KB |
LinkerVersion | 11.0 |
MachineType | Intel 386 or later, and compatibles |
Published | Name | Source | Country |
---|---|---|---|
VirusShare_4b3cb5fa27ecd7e789169ddd479b4639 | api | CN |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!