File 5a4a1f006cd2446d707fef72880e9a50cf306ec512fdf20ae9cdc1b8553d1884 Summary
Like

Analyse score

2 / 14

2 antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

File type

exe

exe

Basic properties

CRC32

0xfcae840e

MD5

6d140cd72dea39d2e5e5b58b66ef6892

Magic

PE32 executable (console) Intel 80386, for MS Windows

SHA1

dff4f4b955a830472fbea2a1b5d7a0a6cb60e7c2

SHA256

5a4a1f006cd2446d707fef72880e9a50cf306ec512fdf20ae9cdc1b8553d1884

SHA512

b0c5a0dd4c6bfdc9a0b639607f6223217d483390293e518e0b8fb45d6ff7cfa84169885ff0d6eba95199d5acef2d8a8e00478aa0a45be2342a1ae277735ead3a

SSDeep

6144:BA+DgW10oDI5M6LA+ii6seldSQu/i8hCrAOOrc2j:BAhgDIvLliiWRu/iKCrIj

Size

451.00KB

Packer
  • PE: compiler: Microsoft Visual C/C++(-)[-]
  • PE: linker: Microsoft Linker(14.28**)[EXE32,console]
TrID
  • 40.3% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 19.3% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 17.2% (.EXE) Win32 Executable (generic) (4505/5/1)
  • 7.7% (.EXE) OS/2 Executable (generic) (2029/13)
  • 7.6% (.EXE) Generic Win/DOS Executable (2002/3)
Tags

ExifTool File Metadata

CodeSize

162.00KB

EntryPoint

0xe199

ExifToolVersionNumber

12.62

FileSize

462 kB

FileType

Win32 EXE

FileTypeExtension

exe

ImageFileCharacteristics

Executable, 32-bit

ImageVersion

0.0

InitializedDataSize

292.00KB

LinkerVersion

14.28

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

OsVersion

6.0

PeType

PE32

Subsystem

Windows command line

SubsystemVersion

6.0

UninitializedDataSize

0

Show all

Submissions

Published Name Source Country
Mailify.exe web PH

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!