× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0edec0bcdc2baab99f17efbb86ed17734bedf3a0ee819634d5c17fce04fe7927
File name: Original WanaCry Ransomeware DROPPED EXE Sample submition by onef...
Detection ratio: 43 / 58
Analysis date: 2017-05-20 14:03:53 UTC ( 5 months ago )
Antivirus Result Update
AegisLab Troj.Ransomnote.Rtf!c 20170520
AhnLab-V3 BinImage/Wannacryptor 20170520
ALYac Trojan.Ransom.WannaCryptor 20170519
Antiy-AVL Trojan[Ransom]/Win32.Wanna 20170520
Arcabit Trojan.Generic.D4D2D40 20170520
Avast Win32:WannaCry-B [Trj] 20170520
AVG FileCryptor.OYG 20170520
AVware Trojan.Win32.Generic!BT 20170520
BitDefender Trojan.GenericKD.5086034 20170520
Bkav W32.RansomwareTBK.Trojan 20170520
CAT-QuickHeal TrojanRansom.Agent 20170520
ClamAV Win.Trojan.Agent-6312824-0 20170520
Comodo UnclassifiedMalware 20170520
Cyren RTF/Trojan.NSWP-0 20170520
DrWeb Trojan.Encoder.11432 20170520
Emsisoft Trojan.GenericKD.5086034 (B) 20170520
ESET-NOD32 Win32/Filecoder.WannaCryptor.D 20170520
F-Prot W32/WannaCrypt.C 20170520
F-Secure Trojan.GenericKD.5086034 20170520
Fortinet Malware_Generic.P0 20170520
GData Trojan.GenericKD.5086034 20170520
Ikarus Trojan-Ransom.WannaCry 20170520
Jiangmin Trojan.WanaCry.a 20170520
K7AntiVirus Trojan ( 0001140e1 ) 20170520
K7GW Trojan ( 0001140e1 ) 20170520
Kaspersky Trojan-Ransom.Win32.Agent.aapw 20170520
Malwarebytes Ransom.WannaCrypt 20170520
McAfee Ransom-O 20170520
McAfee-GW-Edition Ransom-O 20170520
Microsoft Ransom:Win32/WannaCrypt.A!rsm 20170520
eScan Trojan.GenericKD.5086034 20170520
NANO-Antivirus Trojan.Win32.Agent.eopwdw 20170519
Panda Trj/RansomCrypt.I 20170520
Rising Malware.Generic.5!tfe (cloud:7SfzBq30iMV) 20170518
Sophos AV Troj/Wanna-C 20170520
TrendMicro TROJ_RA.8439967A 20170520
TrendMicro-HouseCall TROJ_RA.8439967A 20170520
VBA32 Trojan.Filecoder 20170519
ViRobot Trojan.Win32.S.WannaCry.20480[h] 20170520
Webroot W32.Ransom.Wanacryptor 20170520
Yandex Trojan.Filecoder!kFdh2S95AdQ 20170518
Zillya Trojan.WannaCry.Win32.4 20170520
ZoneAlarm by Check Point Trojan-Ransom.Win32.Agent.aapw 20170520
Ad-Aware 20170520
Alibaba 20170519
Avira (no cloud) 20170520
Baidu 20170503
CMC 20170519
CrowdStrike Falcon (ML) 20170130
Endgame 20170515
Sophos ML 20170519
Kingsoft 20170520
nProtect 20170519
Palo Alto Networks (Known Signatures) 20170520
Qihoo-360 20170520
SentinelOne (Static ML) 20170516
SUPERAntiSpyware 20170520
Symantec 20170519
Symantec Mobile Insight 20170518
Tencent 20170520
TheHacker 20170516
Trustlook 20170520
VIPRE 20170520
WhiteArmor 20170517
Zoner 20170520
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
37
Uncompressed size
6162177
Highest datetime
2017-05-20 19:25:18
Lowest datetime
2010-11-20 00:46:58
Contained files by extension
exe
2
Contained files by type
RTF
28
unknown
3
Portable Executable
3
ZIP
1
BMP
1
directory
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
10

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
msg/

ZipBitFlag
0

ZipModifyDate
2017:05:20 19:25:09

File identification
MD5 b5eab22195a8895618e0e82b4eb59b8a
SHA1 18974b18dacf3d06510e01090fd7278b6acd03eb
SHA256 0edec0bcdc2baab99f17efbb86ed17734bedf3a0ee819634d5c17fce04fe7927
ssdeep
98304:Y/b96AdHA5XaTJvQYUBBgRlJi+rlliRK8lG4t:YxdHCXGvisPrlls

File size 5.9 MB ( 6167535 bytes )
File type ZIP
Magic literal
Zip archive data, at least v1.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2017-05-20 14:03:53 UTC ( 5 months ago )
Last submission 2017-05-20 14:03:53 UTC ( 5 months ago )
File names Original WanaCry Ransomeware DROPPED EXE Sample submition by onefriendforyou.blogspot.com ;-).zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!