File de599efd9457d1ab02fcc60771a485b50e8c08fed24c6953aaa3171536305791 Summary
Like

Analyse score

0 / 14

No antivirus venders flagged
this file as malicious

Last scanned

First submission

File type

zip

zip

Basic properties

CRC32

0xf81b7c36

MD5

6af83d3ff54ec89fc666946184fa2472

Magic

Zip archive data, at least v2.0 to extract

SHA1

a4e6c26ea9a13d215a02e069c6a685f8c07f8c51

SHA256

de599efd9457d1ab02fcc60771a485b50e8c08fed24c6953aaa3171536305791

SHA512

96a243ce979a3049c09f2040a9781f8e968ef68ce69c3095651390474004e89cdcf29f5a364016c9d8ceadf1aa2ad8517a23e405f6ef7f770751fe67d8f48f69

SSDeep

49152:UucBvixLYF3pK+qi/ETLswITxEt5gbQ9zSaXWcJEMJAwIap:UdBsKE+h/Ys165gw/WwEMJAjg

Size

2.52MB

Packer
  • Binary: archive: Zip(2.0)[83.6%,2 files]
TrID
  • 80.0% (.ZIP) ZIP compressed archive (4000/1)
  • 20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)

ExifTool File Metadata

ExifToolVersionNumber

12.62

FileSize

2.6 MB

FileType

ZIP

FileTypeExtension

zip

MimeType

application/zip

Warning

[minor] Use the Duplicates option to extract tags for all 2 files

ZipBitFlag

0

ZipCompressedSize

74

ZipCompression

Deflated

ZipCrc

0xe54e0a35

ZipFileName

notas_1.1.0.28.txt

ZipRequiredVersion

20

ZipUncompressedSize

83

Show all

Submissions

Published Name Source Country
UVEClient(Version 1.1.0.28).zip web LB

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!