File 6d2397caaafa9b471c695d0070e84539ce22d1d7da1d3901cf9b3a6f199264f9 Summary
Like

Analyse score

2 / 14

2 antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

File type

exe

exe

Basic properties

CRC32

0xc36cf3b5

MD5

bf45da6ce1b414a78fc12f932be39077

Magic

PE32 executable (console) Intel 80386, for MS Windows

SHA1

7f28bacb51896247a5fd7ab561a4100181f80a5b

SHA256

6d2397caaafa9b471c695d0070e84539ce22d1d7da1d3901cf9b3a6f199264f9

SHA512

7055311ec31e7de858dd506505a05de5841ade26814b470b21c2cf2540d28a83f519fdcedd1cbd1dfddbad6587e2abd3249a90b4eff4e14bf6e24300a4e84fce

SSDeep

6144:rA+D8t1AIDI5M6LA+ii6seldOQu/i8hOrAOtw+lDAAd2j:rAtbDIvLliiWFu/iKOrTdAAQj

Size

337.00KB

Packer
  • PE: compiler: Microsoft Visual C/C++(-)[-]
  • PE: linker: Microsoft Linker(14.28**)[EXE32,console]
TrID
  • 40.3% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 19.3% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 17.2% (.EXE) Win32 Executable (generic) (4505/5/1)
  • 7.7% (.EXE) OS/2 Executable (generic) (2029/13)
  • 7.6% (.EXE) Generic Win/DOS Executable (2002/3)
Tags

ExifTool File Metadata

CodeSize

162.00KB

EntryPoint

0xe199

ExifToolVersionNumber

12.62

FileSize

345 kB

FileType

Win32 EXE

FileTypeExtension

exe

ImageFileCharacteristics

Executable, 32-bit

ImageVersion

0.0

InitializedDataSize

178.00KB

LinkerVersion

14.28

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

OsVersion

6.0

PeType

PE32

Subsystem

Windows command line

SubsystemVersion

6.0

UninitializedDataSize

0

Show all

Submissions

Published Name Source Country
Acrobyte SMS Verification Bypass.exe web PH

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!