Analyse score
6 antivirus venders flagged
this file as malicious
Signature
Signed file, valid signature
Last scanned
First submission
File type
exe
6 antivirus venders flagged
this file as malicious
Signed file, valid signature
exe
CRC32 | 0x729ff757 |
---|---|
MD5 | 1e2a99ae43d6365148d412b5dfee0e1c |
Magic | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows |
SHA1 | 33c02d70abb2f1f12a79cfd780d875a94e7fe877 |
SHA256 | e248b01e3ccde76b4d8e8077d4fcb4d0b70e5200bf4e738b45a0bd28fbc2cae6 |
SHA512 | d962f2e4bbeee0183a3b75f26ccc6de273c28fe5a191c83c1e4ea6c84c8f70b535273452e05c5e11e4df725cad3054e346ad0b3d98348718a00a350b87a5fa0c |
SSDeep | 24576:sWjYtbXSRxqO8m657w6ZBLmkitKqBCjC0PDgM5A6:sW8tbiJVV1BCjB |
Size | 1.04MB |
Packer |
|
TrID |
|
Tags |
AssemblyVersion | 4.0.1.0 |
---|---|
CharacterSet | Unicode |
CodeSize | 1.01MB |
Comments |
|
CompanyName |
|
EntryPoint | 0x103c5e |
ExifToolVersionNumber | 12.64 |
FileDescription | PdfPower |
FileFlags | (none) |
FileFlagsMask | 0x003f |
FileOs | Win32 |
Published | Name | Source | Country |
---|---|---|---|
vRCVE6f7ztgu | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!