File 70a4eaa922293042475283086e525105b13831a1c67e5278813e91c5a3d1a3d6 Summary
Like

Analyse score

1 / 14

1 antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

Basic properties

CRC32

0xdf9e8d72

MD5

eb48af8833033eb9fa1aee01ecaf0837

Magic

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows

SHA1

bc0e92b93e0b17038948856af77ed450298339fd

SHA256

70a4eaa922293042475283086e525105b13831a1c67e5278813e91c5a3d1a3d6

SHA512

d26ad38f074ac57c75ba46a2f942edf1cf767dce8ce8bd8d17552e221d9273fd017e0b188fad05ba8ace01e9fa70efd32ea6b8e8e1321f1f97afa9f08f0e8fb7

SSDeep

768:6yBsDDsyxKdowVWjYz4mE9+dJ82z7mTecI:SHsyMLVWjI4mE9+043

Size

47.24KB

Packer
  • PE+(64): linker: unknown(2.40)[EXE64,console]
TrID
  • 41.1% (.EXE) Microsoft Visual C++ compiled executable (generic) (16529/12/5)
  • 26.1% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 12.5% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 5.1% (.ICL) Windows Icons Library (generic) (2059/9)
  • 5.0% (.EXE) OS/2 Executable (generic) (2029/13)
Tags

ExifTool File Metadata

CodeSize

9.00KB

EntryPoint

0x1125

ExifToolVersionNumber

12.62

FileSize

48 kB

FileType

Win64 EXE

FileTypeExtension

exe

ImageFileCharacteristics

Executable, No line numbers, Large address aware, No debug

ImageVersion

0.0

InitializedDataSize

19.00KB

LinkerVersion

2.40

MachineType

AMD AMD64

MimeType

application/octet-stream

OsVersion

4.0

PeType

PE32+

Subsystem

Windows command line

SubsystemVersion

5.2

UninitializedDataSize

512

Show all

Submissions

Published Name Source Country
untitled.exe web DE

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!