Analyse score
1 antivirus vendor flagged this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
sys
CRC32 | 0xc2d637b2 |
---|---|
MD5 | 680f1dfc326680600c8111659b4b4e26 |
Magic | PE32+ executable (DLL) (GUI) x86-64, for MS Windows |
SHA1 | 1babb010c78762ca8eeb1b8d41a0902dc485659c |
SHA256 | ceaec139a9370a4cd4eca876e7c4b3d51a013d3739b3f4d526fdfeab27cd2fc2 |
SHA512 | 9aa8e7fc98b14457cb58f647d274de60fa4c4956f8369d150b09f3dcd871262dd210e840a9481178399b21d64115a64dc89e736dcc7b0bc817bbc59acfd095b5 |
SSDeep | 1536:32vMx2qCrMiZ+A8/OtS3Fa6MCQmd6C71SJCpQsWBhyd09dlZYBwV0pC:8MIqCrM7Ak6aFaGQU6C8Mp06MvmS0I |
Size | 92.50KB |
Packer | |
TrID | |
Tags | |
CodeSize | 44.50KB |
---|---|
EntryPoint | 0x1764 |
ExifToolVersionNumber | 12.62 |
FileSize | 95 kB |
FileType | Win64 DLL |
FileTypeExtension | dll |
ImageFileCharacteristics | Executable, Large address aware, DLL |
ImageVersion | 0.0 |
InitializedDataSize | 51.50KB |
LinkerVersion | 14.26 |
MachineType | AMD AMD64 |
Published | Name | Source | Country |
---|---|---|---|
| | ceaec139a9370a4cd4eca876e7c4b3d51a013d3739b3f4d526fdfeab27cd2fc2 | web | AU |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious | Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational | C2 | Behavior |
Deletes itself after process termination | suspicious | Stealth | Behavior |
Write a file to the startup folder | suspicious | Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious | Signature | Yara |