File 7a2fe2a78359d2c3d16492187841049cbfbf4185a2fe9ce6802c72ba0b9dfa6c Summary
Like

Analyse score

1 / 14

1 antivirus venders flagged
this file as malicious

Signature

Signed file, invalid signature

Last scanned

First submission

Basic properties

CRC32

0xa2e140eb

MD5

d3368ef12e3fa29dae69112bc1cae347

Magic

PE32 executable (GUI) Intel 80386, for MS Windows

SHA1

9d4e9f65996e5e3fdadea22feb3e04f948c4de58

SHA256

7a2fe2a78359d2c3d16492187841049cbfbf4185a2fe9ce6802c72ba0b9dfa6c

SHA512

6d5fe4079eb9ed0268ecc140f792bd179005a9ba276a43569164cdb5feba3471612b11737081731c893e93bf21534569fd6bab1c5292c750da53ee7f415b3d70

SSDeep

12288:NKmZUzzNgnXwd7QHUGn9f5xovK7hWYhK49gElg3/mOdHWEICdxZOh:AmZUPNhQ0Gn9f5xXhWYU45a3/nW6dyh

Size

992.97KB

Packer
  • PE: compiler: Microsoft Visual C/C++(-)[-]
  • PE: linker: Microsoft Linker(14.36**)[EXE32,signed]
TrID
  • 40.3% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 19.3% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 17.2% (.EXE) Win32 Executable (generic) (4505/5/1)
  • 7.7% (.EXE) OS/2 Executable (generic) (2029/13)
  • 7.6% (.EXE) Generic Win/DOS Executable (2002/3)
Tags

ExifTool File Metadata

CharacterSet

Unicode

CodeSize

437.00KB

CompanyName

Spotify Ltd

EntryPoint

0x41350

ExifToolVersionNumber

12.62

FileDescription

SpotifyInstaller

FileFlags

(none)

FileFlagsMask

0x0017

FileOs

Win32

FileSize

1017 kB

FileSubtype

0

FileType

Win32 EXE

FileTypeExtension

exe

FileVersion

0,0,0,0

FileVersionNumber

1.2.22.982

ImageFileCharacteristics

No relocs, Executable, Large address aware, 32-bit

ImageVersion

0.0

InitializedDataSize

549.00KB

InternalName

SpotifyInstaller

LanguageCode

Neutral

LegalCopyright

Copyright (c) 2023, Spotify Ltd

LinkerVersion

14.36

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

ObjectFileType

Executable application

OriginalFileName

SpotifyInstaller.exe

OsVersion

6.0

PeType

PE32

ProductName

Spotify

ProductVersion

1.2.22.982.g794acc0a

ProductVersionNumber

0.0.0.0

Subsystem

Windows GUI

SubsystemVersion

6.0

UninitializedDataSize

0

Show all

Submissions

Published Name Source Country
SpotifySetup.exe web US

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!