Analyse score
11 antivirus venders flagged
this file as malicious
11 antivirus venders flagged
this file as malicious
CRC32 | 0x6df335f7 |
---|---|
MD5 | 769fdda466dcd97eb8a7a99c958d460e |
Magic | ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=1160ff112cc7794bb149ea33daaf6db0948fc63a, stripped |
SHA1 | 5ac485d60fe2c096b10cda2624588427928e3f0d |
SHA256 | 9802a1e8fb425ac3a7c0a7fca5a17cfcb7f3f5f0962deb29e3982f0bece95e26 |
SHA512 | d0a514d81b0453f532e56875d912f1297d0e8bc81ac7e29f402ad0173c203aca135d9712d0e38e301f6d72737a7c5c06b364c9bd76f0e2f422da680f5cb04de1 |
SSDeep | 49152:IqeL+lTdKGwpizjdRVdjezCFvw9b28vXUG3ao3tAbK:Iqe0/FdjezChXbK |
Size | 1.83MB |
Packer |
|
TrID |
|
Tags |
CpuArchitecture | 64 bit |
---|---|
CpuByteOrder | Little endian |
CpuType | AMD x86-64 |
ExifToolVersionNumber | 12.49 |
FileSize | 1922 kB |
FileType | ELF shared library |
FileTypeExtension | so |
MimeType | application/octet-stream |
ObjectFileType | Shared object file |
Published | Name | Source | Country |
---|---|---|---|
nanofocus_plus_dc | web | CN |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!