File 8a7a9855fe9ffea98103a9591f2a21aa9a813c361ecced0839a0ff2025aeecd7 Summary
Like

Analyse score

1 / 14

1 antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

Basic properties

CRC32

0x5afab717

MD5

b2b3a258b8bc266e812272f8bd0f1b6e

Magic

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows

SHA1

fde7d216a15ec2e6d98092f07de1217c1ecbe553

SHA256

8a7a9855fe9ffea98103a9591f2a21aa9a813c361ecced0839a0ff2025aeecd7

SHA512

f23e803e75c1bbc4560e4d1890ce6740686ef1a60b4bcf2fab2e0882c5f91bb89f748a39be9dd551d6fb1f27a8c3e148cf6fa0a753c2cab21a86d88c5ccc420f

SSDeep

384:1PlyZ5l5tsDDsyIQMazmB59owlaqjduVZhGMKlf7CGFltBWCW:18BsDDsyxKdowsqjdAZQMI+GF3W

Size

48.00KB

Packer
  • PE+(64): linker: unknown(2.40)[EXE64,console]
TrID
  • 41.1% (.EXE) Microsoft Visual C++ compiled executable (generic) (16529/12/5)
  • 26.1% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 12.5% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 5.1% (.ICL) Windows Icons Library (generic) (2059/9)
  • 5.0% (.EXE) OS/2 Executable (generic) (2029/13)
Tags

ExifTool File Metadata

CodeSize

9.00KB

EntryPoint

0x1125

ExifToolVersionNumber

12.62

FileSize

49 kB

FileType

Win64 EXE

FileTypeExtension

exe

ImageFileCharacteristics

Executable, No line numbers, Large address aware, No debug

ImageVersion

0.0

InitializedDataSize

47.00KB

LinkerVersion

2.40

MachineType

AMD AMD64

MimeType

application/octet-stream

OsVersion

4.0

PeType

PE32+

Subsystem

Windows command line

SubsystemVersion

5.2

UninitializedDataSize

512

Show all

Submissions

Published Name Source Country
Stub.exe web DE

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!