Analyse score
No antivirus venders flagged
this file as malicious
No antivirus venders flagged
this file as malicious
CRC32 | 0xd369886c |
---|---|
MD5 | adb5097bd18773e33de97ee769ee15ad |
Magic | ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, Go BuildID=4Q0hg67vvbP42s3Tm-AK/QkXpkrUziVMGM4IHKqzi/GOnVdPI-c-VwTXqCDSdo/c5BRQkxeC4vOxJl7x4hp, with debug_info, not stripped |
SHA1 | adc60ac1a184c6df3e31d264c87beb746dd6dd6f |
SHA256 | afb40da0615efdc130efc6583b8db678e94759447431d8610dca3eedd6517ba2 |
SHA512 | 946745684d28f9bad401eaf542c93ea10833579abaee21a45dfa4ba1c2b224c817bd2320436e8616b203c2c83516d30e9a2916a7942c30256631fab127dc2a93 |
SSDeep | 393216:NUC2sXmRGSrdBjqhWO2tsmQMkpVDI8TpgO:NqA/SrRGmtk3D1pT |
Size | 34.84MB |
Packer |
|
TrID |
|
CpuArchitecture | 64 bit |
---|---|
CpuByteOrder | Little endian |
CpuType | AMD x86-64 |
ExifToolVersionNumber | 12.62 |
FileSize | 37 MB |
FileType | ELF executable |
FileTypeExtension |
|
MimeType | application/octet-stream |
ObjectFileType | Executable file |
Published | Name | Source | Country |
---|---|---|---|
cmd | web | JP |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!