Analyse score
2 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
2 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0x36690151 |
---|---|
MD5 | bb1ac124ec1c90ea39810e67ddb97451 |
Magic | PE32 executable (GUI) Intel 80386, for MS Windows |
SHA1 | aaa0e1c642007620e9c2bf9b09248ab811b724d6 |
SHA256 | 9c9b237462dcdc1b6f210280b44c9efedd34065f12a342c8fcf3a2eea65f18da |
SHA512 | 983934c74bbdbdb579812863486ca27aada9bf2c5b3d1509ee26fa3ab1c0f0ac48127e7c86f594e793ebfcd2faaf41e22cc68489d52a885990952a848b17abc0 |
SSDeep | 196608:Qw/Aw/WtQlopet60UhwRlSEsRUcZ8/ehfa42YeC4k6fI4/:Qw/Aw/W7pet60DlGOgaqIj |
Size | 8.16MB |
Packer |
|
TrID |
|
Tags |
CodeSize | 197.00KB |
---|---|
EntryPoint | 0x1ed60 |
ExifToolVersionNumber | 12.64 |
FileSize | 8.6 MB |
FileType | Win32 EXE |
FileTypeExtension | exe |
ImageFileCharacteristics | Executable, 32-bit |
ImageVersion | 0.0 |
InitializedDataSize | 667.00KB |
LinkerVersion | 14.0 |
MachineType | Intel 386 or later, and compatibles |
Published | Name | Source | Country |
---|---|---|---|
fathe3.sfx.exe | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!