Analyse score
6 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
6 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0x6d3cb937 |
---|---|
MD5 | 1d4b7fcbcff6113f78163cdbbd85f41e |
Magic | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows |
SHA1 | 07a6aa6ea11407235f673deed8c7eb088bf09b3b |
SHA256 | 8a0e22e51df135b17ef1cbd07b6004960c1e07ac604b2d83dd704141423f49e2 |
SHA512 | 778dd788f24ed994090de82ced7853ded0c9aadd508f07705ec7ade98cbfac934e1460a54253122c162edd314db321dcb5b24a934539b463bf46825805c61cac |
SSDeep | 49152:ZWsTEkwghTKv4jysGUqgCoOtt1JKYOd73luXA:ZFEkwghTKv4jysGUqgCxttK+X |
Size | 2.67MB |
Packer |
|
TrID |
|
Tags |
AssemblyVersion | 112.21.41.127 |
---|---|
CharacterSet | Unicode |
CodeSize | 2.57MB |
Comments | EbHwCJNNcKmWPDjnAWFyBZQtgGHLkXsK |
CompanyName | ZeCPRyMbWtGQTaMNPfSsJrEBGk |
EntryPoint | 0x29411a |
ExifToolVersionNumber | 12.64 |
FileDescription | WyAiXTJwEeZSBmJkMAZ |
FileFlags | (none) |
FileFlagsMask | 0x003f |
FileOs | Win32 |
Published | Name | Source | Country |
---|---|---|---|
8a0e22e51df135b17ef1cbd07b6004960c1e07ac604b2d83dd704141423f49e2.exe | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!