Analysis score
1 antivirus vendor flagged this file as malicious
Signature
Signed file, invalid signature
Last scanned
First submission
File type
exe
CRC32 | 0xaeca890e |
---|---|
MD5 | 6b89ac1d26cf8656008851a62440b005 |
Magic | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed |
SHA1 | e811b9b620c99de129311246df6d45b64366366c |
SHA256 | aa9d96c271db8ec4a4893b079fd0f52350e1e68624744d0bcb6d9b2c49bc7316 |
SHA512 | f75d7c66de41c37ac4948324af398464cb1a9123b9ad16a8a6e49083f1930d77b66cf4c139157e6cdb7e60e1553a4924c2449d98c03d77a81e043ab8c29ce79c |
SSDeep | 12288:HNrhTLpMP+R+QDCfA832AtBYmz6af0F7Z1QVjSvPJINx:HthTiP+ffCfB5Lf0F7Z1EKPeNx |
Size | 476.48KB |
Packer |
|
TrID |
|
Tags |
CharacterSet | ASCII |
---|---|
CodeSize | 440.00KB |
Comments | Created with TrueUpdate |
CompanyName | Indigo Rose Corporation |
EntryPoint | 0x135f10 |
ExifToolVersionNumber | 12.64 |
FileDescription | TrueUpdate Client |
FileFlags | (none) |
FileFlagsMask | 0x0000 |
FileOs | Win32 |
FileSize | 488 kB |
Published | Name | Source | Country |
---|---|---|---|
2wLgXx.exe | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious | Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational | C2 | Behavior |
Deletes itself after process termination | suspicious | Stealth | Behavior |
Write a file to the startup folder | suspicious | Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious | Signature | Yara |