File 86efe4009edea16627d9ebe091ff3bb56dc8e1932e691744159f2152859a0a1b Summary
Like

Analyse score

1 / 14

1 antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

Basic properties

CRC32

0xd092c610

MD5

7e0560140f6b58467733ac6ebcf8eb1d

Magic

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows

SHA1

1a57f82eb68042d8defe849374672ed1cd78b2ca

SHA256

86efe4009edea16627d9ebe091ff3bb56dc8e1932e691744159f2152859a0a1b

SHA512

50a45fb4c240136865c92e3787cb8bdbde746d623381f386e53213c7ac6502e7c4950bca671fc07fff92a80eb89912fe0fada920140ab23012dd0f8af0745d1a

SSDeep

768:byBsDDsyuG6KdowVWjYz4mE9+dJ82z7mTecI:9HsyR1LVWjI4mE9+043

Size

47.24KB

Packer
  • PE+(64): linker: unknown(2.40)[EXE64,console]
TrID
  • 41.1% (.EXE) Microsoft Visual C++ compiled executable (generic) (16529/12/5)
  • 26.1% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 12.5% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 5.1% (.ICL) Windows Icons Library (generic) (2059/9)
  • 5.0% (.EXE) OS/2 Executable (generic) (2029/13)
Tags

ExifTool File Metadata

CodeSize

9.00KB

EntryPoint

0x1125

ExifToolVersionNumber

12.62

FileSize

48 kB

FileType

Win64 EXE

FileTypeExtension

exe

ImageFileCharacteristics

Executable, No line numbers, Large address aware, No debug

ImageVersion

0.0

InitializedDataSize

19.00KB

LinkerVersion

2.40

MachineType

AMD AMD64

MimeType

application/octet-stream

OsVersion

4.0

PeType

PE32+

Subsystem

Windows command line

SubsystemVersion

5.2

UninitializedDataSize

512

Show all

Submissions

Published Name Source Country
untitled.exe web DE

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!