Analysis score: 0 / 14
No antivirus vendors flagged this file as malicious
CRC32 | 0xe0920628 |
---|---|
MD5 | 3c12409e7a29f96cc910f39215e2af47 |
Magic | JSON data |
SHA1 | 0ea405841f0b7f15f7fee7154010f57598899c2b |
SHA256 | b37453cac85c714e86687481508ff80f2d3d9694c9d97937ded11d2db1f7a8a8 |
SHA512 | cd1b8be64ae16ddcdabe1991502386cf52a055fec1c7e3432ebb8ad9c88ef5ff3a1780f45a2d69178766f6d743ed4343b8898a6569b38b7077c54c0bceca4cc9 |
SSDeep | 384:hYBRwwbyiS6AcGVflScmH5IY6Z08teMdNN:UHyiSD |
Size | 12.25KB |
Packer | |
TrID | |

Body | Пивет |
---|---|
ExifToolVersionNumber | 12.62 |
FileSize | 13 kB |
FileType | JSON |
FileTypeExtension | json |
From | stern@q3mcco35auwcstmt.onion |
MimeType | application/json |
To | defender@q3mcco35auwcstmt.onion |

Published | Name | Source | Country |
---|---|---|---|
| | 185.25.51.173-20210427.json | web | EE |

Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious | Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational | C2 | Behavior |
Deletes itself after process termination | suspicious | Stealth | Behavior |
Write a file to the startup folder | suspicious | Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious | Signature | Yara |