File 8827c1cb80e1c807a1dfe14dee360e60f3451ca83ef8a7b5f9a41e29dcf5df60 Summary

Analysis score

8 / 14

8 antivirus vendors flagged this file as malicious

Signature

File is not signed

Last scanned

First submission

Basic properties

CRC32

0x440e8f9e

MD5

8e80a28354a26b06bbb8a7ed271b8ba4

Magic

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

SHA1

e9b9f5f9e5fbcd144e4ffe89e0bfb1d008506d01

SHA256

8827c1cb80e1c807a1dfe14dee360e60f3451ca83ef8a7b5f9a41e29dcf5df60

SHA512

246fb5e0a1be050e153ec7ca25b9fabfd1c01c0ed41a42570e5c705596b58ad9a67f7d45ee53ce5d4a021db46a2611b8c285b8115b3f334a829f316930a26c2d

SSDeep

1536:lJaYOFIols/Cxpz6lotZrU75ctmlrYseImnPxqqPDzwkSIhb0c94McE2B7chOd:lJajaOoC5ZQ7StmaznPpgT20gSPB7ch

Size

92.50KB

Packer
  • PE: linker: unknown(14.30)[DLL32]
TrID
  • 45.9% (.EXE) Win32 Executable MS Visual C++ (generic) (31206/45/13)
  • 15.4% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 9.6% (.DLL) Win32 Dynamic Link Library (generic) (6578/25/2)
  • 7.4% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 6.6% (.EXE) Win32 Executable (generic) (4505/5/1)
Tags

ExifTool File Metadata

CharacterSet

Unicode

CodeSize

55.50KB

CompanyName

sgssgsfg

EntryPoint

0x3a70

ExifToolVersionNumber

12.62

FileDescription

yjgjjghj

FileFlags

(none)

FileFlagsMask

0x0000

FileOs

Windows NT 32-bit

FileSize

95 kB

FileSubtype

0

FileType

Win32 DLL

FileTypeExtension

dll

FileVersion

5.13.7

FileVersionNumber

1.0.0.1

ImageFileCharacteristics

Executable, 32-bit, DLL

ImageVersion

0.0

InitializedDataSize

53.00KB

InternalName

gdfgf.exe

LanguageCode

Process default

LegalCopyright

Copyright sgssgsfg (C) 2020

LinkerVersion

14.30

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

ObjectFileType

Executable application

OriginalFileName

gdfgf.exe

OsVersion

5.0

PeType

PE32

ProductName

fgdfgfgdfgf

ProductVersion

5.13.7

ProductVersionNumber

1.0.0.1

Subsystem

Windows GUI

SubsystemVersion

5.0

UninitializedDataSize

0


Submissions

| Published | Name | Source | Country |
|---|---|---|---|
| | e9b9f5f9e5fbcd144e4ffe89e0bfb1d008506d01 | web | AU |

Indicators

| Description | Severity | Category | Module |
|---|---|---|---|
| Malware detection of a yara signature: Win32/WannaCry | malicious | Sandbox Detection | Behavior |
| Communicates over HTTP with a low reputation domain | informational | C2 | Behavior |
| Deletes itself after process termination | suspicious | Stealth | Behavior |
| Write a file to the startup folder | suspicious | Persistence | Behavior |
| Check for the existence of Virtual Machines | suspicious | Signature | Yara |
