Analyse score
0
/ 14
No antivirus venders flagged
this file as malicious
No antivirus venders flagged
this file as malicious
CRC32 | 0xc0f20c86 |
---|---|
MD5 | 325b8921359d8285c906b65dbc0101f2 |
Magic | JSON data |
SHA1 | 155262787c6a500cc87047b678d377b389d611f9 |
SHA256 | 9c4054bbe54ebc2fe842a10d54fbf2c79f31cb00ffb0893a1399a0c84029d3fd |
SHA512 | 5b5791f06315e63f35c4ad9a1c3b312a58a9f4e78fa39f9001212f8bfe241db71cd7ca23e7a34b4a007c2d449f1ae44ac2f114cea07cd317358b2cf530e50a4b |
SSDeep | 96:Wy2Fvy242Hiy2Ky2Lhy2/y2lJg2HqxE2HMgy2My25hy289Hy2b0YP5YrHs8x02Hz:XLhQE8glcgEtMegXSwOx0OaSC2SiBqtW |
Size | 5.26KB |
Packer |
|
TrID |
|
Body | немного) |
---|---|
ExifToolVersionNumber | 12.62 |
FileSize | 5.4 kB |
FileType | JSON |
FileTypeExtension | json |
From | love@q3mcco35auwcstmt.onion |
MimeType | application/json |
To | grant@q3mcco35auwcstmt.onion |
Published | Name | Source | Country |
---|---|---|---|
185.25.51.173-20210530.json | web | EE |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!