Analyse score
8 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
8 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0x8eef2e7c |
---|---|
MD5 | 48d8f7bbb500af66baa765279ce58045 |
Magic | PE32 executable (console) Intel 80386, for MS Windows |
SHA1 | 2cdb5fdeee4e9c7bd2e5f744150521963487eb71 |
SHA256 | db0d72bc7d10209f7fa354ec100d57abbb9fe2e57ce72789f5f88257c5d3ebd1 |
SHA512 | aef8aa8e0d16aab35b5cc19487e53583691e4471064bc556a2ee13e94a0546b54a33995739f0fa3c4de6ff4c6abf02014aef3efb0d93ca6847bad2220c3302bd |
SSDeep | 49152:bbevayZlMTWkygVy0nQZfVY2BtZzpPL4PuQ65+6Dv7m0KXTn:bbexZlMQcEVY2BtZzpPL4WQI9U |
Size | 2.67MB |
Packer |
|
TrID |
|
Tags |
CodeSize | 62.00KB |
---|---|
EntryPoint | 0x3aa3 |
ExifToolVersionNumber | 12.64 |
FileSize | 2.8 MB |
FileType | Win32 EXE |
FileTypeExtension | exe |
ImageFileCharacteristics | No relocs, Executable, 32-bit |
ImageVersion | 0.0 |
InitializedDataSize | 6.61MB |
LinkerVersion | 12.0 |
MachineType | Intel 386 or later, and compatibles |
Published | Name | Source | Country |
---|---|---|---|
DanaBot.exe | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!