File c8932ad316dcc971fd6a9be23396266e750e8918e78873b0bdaefddd02f827b8 Summary
Like

Analyse score

0 / 13

No antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

Basic properties

CRC32

0x49970bb4

MD5

2d880787d501888b4aaf54729ec5a8b8

Magic

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows

SHA1

7e7bbc4f50fda763482e451146573f1f7e4ce341

SHA256

c8932ad316dcc971fd6a9be23396266e750e8918e78873b0bdaefddd02f827b8

SHA512

17c638f21fccd2cb56df7189db3b6cd1c1a8529780c84c8cd79b593752d7a13c4d49b7bce5896653cbc4cd422f23897c387402be476128aba3a277bb9e0df33c

SSDeep

768:rKUhDDsyRDbhkwyW68VrdpF52DSfzFJTBcI:dHsyRnnyW60pF52KH

Size

45.95KB

Packer
  • PE+(64): linker: unknown(2.40)[EXE64,console]
TrID
  • 41.1% (.EXE) Microsoft Visual C++ compiled executable (generic) (16529/12/5)
  • 26.1% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 12.5% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 5.1% (.ICL) Windows Icons Library (generic) (2059/9)
  • 5.0% (.EXE) OS/2 Executable (generic) (2029/13)
Tags

ExifTool File Metadata

CodeSize

8.50KB

EntryPoint

0x1125

ExifToolVersionNumber

12.62

FileSize

47 kB

FileType

Win64 EXE

FileTypeExtension

exe

ImageFileCharacteristics

Executable, No line numbers, Large address aware, No debug

ImageVersion

0.0

InitializedDataSize

18.50KB

LinkerVersion

2.40

MachineType

AMD AMD64

MimeType

application/octet-stream

OsVersion

4.0

PeType

PE32+

Subsystem

Windows command line

SubsystemVersion

5.2

UninitializedDataSize

512

Show all

Submissions

Published Name Source Country
untitled.exe web DE

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!