File b7b7d9abbbe47a305e9c5604dd2971681f3cba20a1ab9c5ca6f368c0fc6e5db5 Summary
Like

Analyse score

3 / 14

3 antivirus venders flagged
this file as malicious

Last scanned

First submission

File type

zip

zip

Basic properties

CRC32

0xf75da5a9

MD5

00c9d5699f1e90c15fbc25c9bbe4b8b2

Magic

Zip archive data, at least v2.0 to extract

SHA1

9c7b023a8f5d4bc331bdda171a01a7d44085ba8e

SHA256

b7b7d9abbbe47a305e9c5604dd2971681f3cba20a1ab9c5ca6f368c0fc6e5db5

SHA512

450464de0ec44628b429c4831f43705bddee14b19c87b6be619187ef517a197c3a76e46edb4ce71e8ed250aab77a4d7e5568d6cb0fd1f70e6b21bce5016163ef

SSDeep

1536:ravNqKAQHDsAt+F4fJ8CzTuDyqg7CAu8252XvqmYqNrzIacrJhWOYyu9b:r7nQjsb0JnuuqguAcLmDNrzHcnWbvb

Size

72.43KB

Packer
  • Binary: archive: Zip(2.0)[0.0%,1 file,1 dir]
TrID
  • 80.0% (.ZIP) ZIP compressed archive (4000/1)
  • 20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Tags

ExifTool File Metadata

ExifToolVersionNumber

12.62

FileSize

74 kB

FileType

ZIP

FileTypeExtension

zip

MimeType

application/zip

Warning

Stream mode data encountered, file list may be incomplete

ZipBitFlag

0

ZipCompressedSize

0

ZipCompression

None

ZipCrc

0x00000000

ZipFileName

cb/

ZipRequiredVersion

20

ZipUncompressedSize

0

Show all

Submissions

Published Name Source Country
王子凌薪资证明.zip web US

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!