File de599efd9457d1ab02fcc60771a485b50e8c08fed24c6953aaa3171536305791 Summary
Like

Analyse score

0 / 14

No antivirus venders flagged
this file as malicious

Last scanned

First submission

Basic properties

CRC32

0xf81b7c36

MD5

6af83d3ff54ec89fc666946184fa2472

Magic

Zip archive data, at least v2.0 to extract

SHA1

a4e6c26ea9a13d215a02e069c6a685f8c07f8c51

SHA256

de599efd9457d1ab02fcc60771a485b50e8c08fed24c6953aaa3171536305791

SHA512

96a243ce979a3049c09f2040a9781f8e968ef68ce69c3095651390474004e89cdcf29f5a364016c9d8ceadf1aa2ad8517a23e405f6ef7f770751fe67d8f48f69

SSDeep

49152:UucBvixLYF3pK+qi/ETLswITxEt5gbQ9zSaXWcJEMJAwIap:UdBsKE+h/Ys165gw/WwEMJAjg

Size

2.52MB

Packer
  • Binary: archive: Zip(2.0)[83.6%,2 files]
TrID
  • 80.0% (.ZIP) ZIP compressed archive (4000/1)
  • 20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)

ExifTool File Metadata

ExifToolVersionNumber

12.62

FileSize

2.6 MB

FileType

ZIP

FileTypeExtension

zip

MimeType

application/zip

Warning

[minor] Use the Duplicates option to extract tags for all 2 files

ZipBitFlag

0

ZipCompressedSize

74

ZipCompression

Deflated

ZipCrc

0xe54e0a35

ZipFileName

notas_1.1.0.28.txt

ZipRequiredVersion

20

ZipUncompressedSize

83

Show all

Submissions

Published Name Source Country
UVEClient(Version 1.1.0.28).zip web LB

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!