Analyse score
9 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
9 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0xc0678cd0 |
---|---|
MD5 | be8ae0cfbe8c093cf632ab8b1481019d |
Magic | PE32 executable (GUI) Intel 80386, for MS Windows |
SHA1 | 90c082396eef81ed87b38e4ebafc56f6ac814cfe |
SHA256 | f8e73ff888cd0f8d492e7a51df0e747c55184f367702ec700a38c182c6828b7a |
SHA512 | 34616db5e9557078bce9730da458fb3c4a7dabaa7ab4bb6bb8f5d01b66ad976b274e919afdfb57d2fc8d88f2bb78b6fe08b025d8771d9ed31ecfab0596c619cf |
SSDeep | 1536:IPrbYQXh+BZiovlIMR51iglsWL4CpMb+KR0Nc8QsJq39:WYW0nvNggiwpe0Nc8QsC9 |
Size | 72.07KB |
Packer |
|
TrID |
|
Tags |
CharacterSet | Unicode |
---|---|
CodeSize | 44.00KB |
CompanyName | Apache Software Foundation |
EntryPoint | 0x1d7f |
ExifToolVersionNumber | 12.64 |
FileDescription | ApacheBench command line utility |
FileFlags | (none) |
FileFlagsMask | 0x003f |
FileOs | Win32 |
FileSize | 74 kB |
FileSubtype | 0 |
Published | Name | Source | Country |
---|---|---|---|
payload.exe | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!