File f161d030d177ef31037063d058b7002a97d80346036e2cf60644fa26e9fc7061 Summary
Like

Analyse score

0 / 14

No antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

File type

exe

exe

Basic properties

CRC32

0x519cc765

MD5

27bc752190cba366233ee7520e518993

Magic

PE32+ executable (console) x86-64, for MS Windows

SHA1

75fc1d9ee09dd6423043481bd8aaf710abef8997

SHA256

f161d030d177ef31037063d058b7002a97d80346036e2cf60644fa26e9fc7061

SHA512

f2ec2cd2942eea0afd827f035de10335cc4a27b364e0e84fa0e750e3b74c68653e7df04046aefdf4912e2761085ce8d35a831379fa3bc66f4481db0507400794

SSDeep

384:tMeFQJ+8J9z9TIk4sZgenYQ/SOwMbRXL9LGnaiJ7HQ6XJK3VmFxqMEuGnr4F0Qq:yeqT9sc7akF9LG7ZKBLuGr4OJsc

Size

36.00KB

Packer
  • PE+(64): compiler: Microsoft Visual C/C++(-)[-]
  • PE+(64): linker: Microsoft Linker(14.29**)[EXE64,console]
TrID
  • 44.4% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 21.3% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 8.7% (.ICL) Windows Icons Library (generic) (2059/9)
  • 8.5% (.EXE) OS/2 Executable (generic) (2029/13)
  • 8.4% (.EXE) Generic Win/DOS Executable (2002/3)
Tags

ExifTool File Metadata

CodeSize

14.50KB

EntryPoint

0x3a74

ExifToolVersionNumber

12.49

FileSize

37 kB

FileType

Win64 EXE

FileTypeExtension

exe

ImageFileCharacteristics

Executable, Large address aware

ImageVersion

0.0

InitializedDataSize

22.00KB

LinkerVersion

14.29

MachineType

AMD AMD64

MimeType

application/octet-stream

OsVersion

6.0

PeType

PE32+

Subsystem

Windows command line

SubsystemVersion

6.0

UninitializedDataSize

0

Show all

Submissions

Published Name Source Country
test.exe web CN

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!