Analyse score
4 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
4 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0x7702e081 |
---|---|
MD5 | 4593c5798296de49381eb8e60452a80f |
Magic | PE32 executable (GUI) Intel 80386, for MS Windows |
SHA1 | de4e77a10ae4ecfddfb7611c4880fca8fcdfa1c1 |
SHA256 | 86a5a0133bfa9baa4c59f4e9964b473afd3bc1e5a6decc8124737d67aad40795 |
SHA512 | 36a6abc8392e9d4dfe788cef3c7b3d6294641b3f398a1e888c51752d258541b4a63e47ed7fb2f8f104f3c68d537e8dd41632e5178b3dce0abc08fedf3a64ee21 |
SSDeep | 1536:yi0h2omUmOK7xpkqQF2tiicjlIW7aie6x0wi/MOgA1OFPvNXRWXHrE:ypdmOK7j7Qvicja2smdi/MOhP3 |
Size | 169.50KB |
Packer |
|
TrID |
|
Tags |
CharacterSet | Unicode |
---|---|
CodeSize | 52.50KB |
CompanyName | Microsoft Corporation |
EntryPoint | 0xc8e0 |
ExifToolVersionNumber | 12.62 |
FileDescription | Character Map |
FileFlags | Private build |
FileFlagsMask | 0x003f |
FileOs | Windows NT 32-bit |
FileSize | 174 kB |
FileSubtype | 0 |
Published | Name | Source | Country |
---|---|---|---|
王子凌薪资证明1.scr | web | US |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!