Analyse score
5 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
5 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0xd5c9f0a6 |
---|---|
MD5 | 864e453acde745eef43cbae68e7241eb |
Magic | PE32 executable (console) Intel 80386, for MS Windows |
SHA1 | bd7e920d40a1086be9d3e91babb8b466fceb21f4 |
SHA256 | efa287c1f2c01eb6b0e4292eb1fedf3fd29492ebba64e13738878fb4f9000110 |
SHA512 | 63926690d782d402c0c2750831161ce4d8710e89ccdc4a971f58480ef7f698b9471aca0f153a33ee4abae02bbb85d680d7a4fe8942234ddeee414f85847d81f7 |
SSDeep | 768:P/EAAqxG0QqLccK+xL7scaOZ/IcGs8WbwnWh+6AXT2qEDnXbiPGEDUXnpT0rJmnU:0Ac0QqgHW7/ZwcF8c6jELX+PupTNj |
Size | 54.00KB |
Packer |
|
TrID |
|
Tags |
CodeSize | 36.00KB |
---|---|
EntryPoint | 0x14ac |
ExifToolVersionNumber | 12.62 |
FileSize | 55 kB |
FileType | Win32 EXE |
FileTypeExtension | exe |
ImageFileCharacteristics | Executable, 32-bit |
ImageVersion | 5079.31435 |
InitializedDataSize | 24.50KB |
LinkerVersion | 10.0 |
MachineType | Intel 386 or later, and compatibles |
Published | Name | Source | Country |
---|---|---|---|
wildfire-test-pe-file (1).exe | web | SI |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!