Analyse score
3 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
3 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0x90235780 |
---|---|
MD5 | 66532600ff8ff9031120ba007eb143d8 |
Magic | PE32 executable (console) Intel 80386, for MS Windows |
SHA1 | 04bf488390149db57cb534d8e4d860d20515b295 |
SHA256 | bdc827cc3a5367cd6f87deb7ff4add252087a9fe541bc5e50e43b29fdd1a571d |
SHA512 | de73f93e07be1904fdfac9bfc18fd363a49a569911e15eef4b257958617057f7de101487a3c08245403aa4d15f255dd430d6e88737e90c8a027dcc7b9016696d |
SSDeep | 6144:PqpDqM1Fc4DI5M6LA+ii6seld6Qu/i8harAOR+63dDcP2j:PqUoDIvLliiWpu/iKarz3drj |
Size | 270.00KB |
Packer |
|
TrID |
|
Tags |
CodeSize | 162.00KB |
---|---|
EntryPoint | 0xe199 |
ExifToolVersionNumber | 12.62 |
FileSize | 276 kB |
FileType | Win32 EXE |
FileTypeExtension | exe |
ImageFileCharacteristics | Executable, 32-bit |
ImageVersion | 0.0 |
InitializedDataSize | 111.00KB |
LinkerVersion | 14.28 |
MachineType | Intel 386 or later, and compatibles |
Published | Name | Source | Country |
---|---|---|---|
Repo_Fucker.exe | web | PH |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!