File 7db9709a28664b72ccb106fb5474722a58e2248427c55abd0327d2ae73434cc2 Summary
Like

Analyse score

2 / 14

2 antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

File type

exe

exe

Basic properties

CRC32

0x6df74fa5

MD5

32383b7b56013eb9920deb1c479d1c3f

Magic

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

SHA1

592a6fe4256a18e041619b8198e0c77f46a2e764

SHA256

7db9709a28664b72ccb106fb5474722a58e2248427c55abd0327d2ae73434cc2

SHA512

67cd871a20e695f35e049ef69813af59505857524b06e3ac993bc9975634474aef2097e681532e595e97897e0039d3e781b031194a20edf9b33496fce2955581

SSDeep

12288:iyQaMFM0Mvxv96lPGfGAS3aczHjOpJ5bX9Ek1GgO5vcJX32n4DVRTIwEhbWy:iyjv9olufGasDO1JkgkcJ2nyVRTAhb

Size

1.05MB

Packer
  • PE: library: .NET(v4.0.30319)[-]
  • PE: linker: Microsoft Linker(48.0)[EXE32]
TrID
  • 63.0% (.EXE) Generic CIL Executable (.NET, Mono, etc.) (73123/4/13)
  • 11.2% (.SCR) Windows screen saver (13097/50/3)
  • 9.0% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 5.6% (.DLL) Win32 Dynamic Link Library (generic) (6578/25/2)
  • 3.8% (.EXE) Win32 Executable (generic) (4505/5/1)
Tags

ExifTool File Metadata

AssemblyVersion

1.0.0.0

CharacterSet

Unicode

CodeSize

1.04MB

Comments

CompanyName

EntryPoint

0x10d30e

ExifToolVersionNumber

12.62

FileDescription

DLPK

FileFlags

(none)

FileFlagsMask

0x003f

FileOs

Win32

FileSize

1097 kB

FileSubtype

0

FileType

Win32 EXE

FileTypeExtension

exe

FileVersion

1.0.0.0

FileVersionNumber

1.0.0.0

ImageFileCharacteristics

Executable, 32-bit

ImageVersion

0.0

InitializedDataSize

2.00KB

InternalName

UnmxRI.exe

LanguageCode

Neutral

LegalCopyright

Copyright © 2019

LegalTrademarks

LinkerVersion

48.0

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

ObjectFileType

Executable application

OriginalFileName

UnmxRI.exe

OsVersion

4.0

PeType

PE32

ProductName

DLPK

ProductVersion

1.0.0.0

ProductVersionNumber

1.0.0.0

Subsystem

Windows GUI

SubsystemVersion

4.0

UninitializedDataSize

0

Show all

Submissions

Published Name Source Country
7db9709a28664b72ccb106fb5474722a58e2248427c55abd0327d2ae73434cc2.exe web EE

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!