File 6ac0741bb3eb359635e6be11f4832c94a8a976d9a84e9ab371315381614b01ef Summary
Like

Analyse score

0 / 14

No antivirus venders flagged
this file as malicious

Last scanned

First submission

Basic properties

CRC32

0x38ac4cea

MD5

25c6264f508213b1403d2315e96394a7

Magic

Zip archive data, at least v2.0 to extract

SHA1

6cb6b7d211ae8eae453b1eec9714d95f002bd2b1

SHA256

6ac0741bb3eb359635e6be11f4832c94a8a976d9a84e9ab371315381614b01ef

SHA512

2083a0fb437fca5cb814b3107a88700d496682c679185249c75e59f0a485deb1dabf0b3ee7740bab24dec285fefd2157c8d38d014f6bf6a72c5e427447a47950

SSDeep

Size

1.21KB

Packer
  • Binary: archive: Zip(2.0)[encrypted,29.5%,1 file]
TrID
  • 80.0% (.ZIP) ZIP compressed archive (4000/1)
  • 20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)

ExifTool File Metadata

ExifToolVersionNumber

12.62

FileSize

1240 bytes

FileType

ZIP

FileTypeExtension

zip

MimeType

application/zip

Warning

Stream mode data encountered, file list may be incomplete

ZipBitFlag

0x0009

ZipCompressedSize

1058

ZipCompression

Deflated

ZipCrc

0xb4e3bd1c

ZipFileName

cm#8.exe

ZipRequiredVersion

20

ZipUncompressedSize

3584

Show all

Submissions

Published Name Source Country
6490994f33c5d43938913a00.zip web FR

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!