Analyse score
5 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
5 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0x9e936874 |
---|---|
MD5 | c5e430d78ff30617dd35e2e3d8195a89 |
Magic | PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows |
SHA1 | 9759d2aa1f554e59f60a7ca583ed474e3893cd0e |
SHA256 | 9e7d694ed87ae95f9c25af5f3a5cea76188cd7c1c91ce49c92e25585f232d98e |
SHA512 | 8160c01c817b55f823a10fc50a7543eda4407422a7f7f6cd0622b719f5bc771321b91346f9f21c953e6cb06bb477b83625605911f532a66b842c68fd34585105 |
SSDeep | 3072:JQcpywWBS+F9TQw4cesrHyrOMGTkrNRD:JlY9T6cekMGTuNR |
Size | 116.00KB |
Packer |
|
TrID |
|
Tags |
CharacterSet | Windows, Latin1 |
---|---|
CodeSize | 45.50KB |
CompanyName |
|
EntryPoint | 0x14c0 |
ExifToolVersionNumber | 12.64 |
FileDescription | Paranoid Fish is paranoid |
FileFlags | (none) |
FileFlagsMask | 0x0000 |
FileOs | Unknown (0) |
FileSize | 119 kB |
FileSubtype | 0 |
Published | Name | Source | Country |
---|---|---|---|
pafish.exe | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!