Analyse score: 0 / 14
No antivirus vendors flagged this file as malicious
Property | Value |
---|---|
CRC32 | 0x3367a640 |
MD5 | b5fdd7a4ad66dde4ed261cc469c5ff56 |
Magic | u-boot legacy uImage, \002, Linux/ARM, OS Kernel Image (lzma), 7340036 bytes, Tue Dec 20 03:56:30 2022, Load Address |
SHA1 | 1eb15e4217c5ab4e909f975d577eba8613b57a67 |
SHA256 | 686df238d4bb5782c2059b36431d8ef04fa1670039ceb9f6848e3cb7eac1b455 |
SHA512 | d9fbbcff4a85274859a20f7f77a635d2d0b7aeec6f37ec955d5e6d2bb5f47933d13729de54024a1a1e124c454ec92be4c7eeb45e85bb08ee38bd977167d821a2 |
SSDeep | 196608:ucH/CaA1AjVyF2DhVeSd0XqWuQ2vC1UkDHBonibM4oS4o:nqa7jAF27Z0XqWuQ+4THB8iAO4o |
Size | 7.00MB |
Packer | |
TrID | |
Published | Name | Source | Country |
---|---|---|---|
| | US_AC8V4.0si_V16.03.34.06_cn_TDC01.bin | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious | Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational | C2 | Behavior |
Deletes itself after process termination | suspicious | Stealth | Behavior |
Write a file to the startup folder | suspicious | Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious | Signature | Yara |
🚀 Coming soon!