File 9b2fd910a6d25ce73324040e07e3685fcf2751fdad641c974885085becbe8809 Summary

Analysis score

0 / 14

No antivirus vendors flagged this file as malicious

Signature

File is not signed

Last scanned

First submission

Basic properties

CRC32

0x99d0c012

MD5

1e5c27960c55b42117d80e60cbc65d45

Magic

PE32 executable (GUI) Intel 80386, for MS Windows

SHA1

77143febb06d02b96b279b73bd270dbd5ddee229

SHA256

9b2fd910a6d25ce73324040e07e3685fcf2751fdad641c974885085becbe8809

SHA512

10f177516a669ab824b19f0eab05c250c0009a87d9172afe04b650444bf89f5f7d237ad404f492bc4966cb63a6b9742a3dcfa757fc51b6102fbe53d45a0b9cf0

SSDeep

49152:STmLUQO0XojKSuYw/oHHKwQMfodVhTDtINMVh4OLqvPIP0bZTdj8UxH98:STRPDrQMQDtIAh4OLqvPIP0bh

Size

4.61MB

Packer
  • PE: compiler: Embarcadero Delphi(XE2-XE6)[-]
  • PE: linker: Turbo Linker(2.25*,Delphi)[EXE32]
TrID
  • 72.5% (.CPL) Windows Control Panel Item (generic) (197083/11/60)
  • 15.2% (.EXE) Win32 EXE PECompact compressed (generic) (41569/9/9)
  • 3.8% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 3.6% (.EXE) DOS Borland compiled Executable (generic) (10000/1/2)
  • 1.6% (.EXE) Win32 Executable (generic) (4505/5/1)
Tags

ExifTool File Metadata

CharacterSet

Windows, Latin1

CodeSize

3.88MB

EntryPoint

0x3e1f78

ExifToolVersionNumber

12.64

FileFlags

(none)

FileFlagsMask

0x003f

FileOs

Win32

FileSize

4.8 MB

FileSubtype

0

FileType

Win32 EXE

FileTypeExtension

exe

FileVersion

1.0.0.0

FileVersionNumber

1.0.0.0

ImageFileCharacteristics

Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

ImageVersion

0.0

InitializedDataSize

750.00KB

LanguageCode

English (U.S.)

LinkerVersion

2.25

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

ObjectFileType

Executable application

OsVersion

5.0

PeType

PE32

ProductVersion

1.0.0.0

ProductVersionNumber

1.0.0.0

Subsystem

Windows GUI

SubsystemVersion

5.0

UninitializedDataSize

0

Submissions

Published Name Source Country
analyze_snmptest.exe web undefined

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara
