× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5ea6b688997a26a10d788a76b6ea1ec264d23ef9c015c9ebb7c259a627e272ea
File name: wannacry_pan.baidu.com_keodynoc710.zip
Detection ratio: 49 / 58
Analysis date: 2017-06-25 10:18:26 UTC ( 3 months, 4 weeks ago )
Antivirus Result Update
AegisLab Troj.Ransom.W32.Wanna.toNl 20170623
AhnLab-V3 Trojan/Win32.WannaCryptor.R200589 20170625
ALYac Trojan.GenericKD.5085944 20170625
Antiy-AVL Trojan/Win32.Deshacop 20170625
Arcabit Trojan.Generic.D4D9AF8 20170625
Avast Win32:WanaCry-A [Trj] 20170625
AVG Win32:WanaCry-A [Trj] 20170625
Avira (no cloud) TR/FileCoder.724645 20170625
AVware Trojan.Win32.Generic!BT 20170625
Baidu Win32.Trojan.WannaCry.c 20170623
BitDefender Trojan.GenericKD.5057856 20170625
Bkav W32.WanaCryptBTTc.Worm 20170624
CAT-QuickHeal Ransom.WannaCrypt.A4 20170624
ClamAV Win.Trojan.Agent-6312824-0 20170625
Comodo UnclassifiedMalware 20170625
Cyren Trojan.IAFY-9 20170625
DrWeb Trojan.Encoder.11432 20170625
ESET-NOD32 Win32/Filecoder.WannaCryptor.D 20170625
F-Prot W32/WannaCrypt.A 20170625
F-Secure Trojan.GenericKD.5057856 20170625
Fortinet W32/GenKryptik.1C25!tr 20170625
GData Trojan.GenericKD.5057856 20170625
Ikarus Trojan-Ransom.WannaCry 20170625
Sophos ML heuristic 20170607
Jiangmin Trojan.WanaCry.a 20170625
K7AntiVirus Trojan ( 0001140e1 ) 20170623
K7GW Trojan ( 0001140e1 ) 20170625
Kaspersky Trojan-Ransom.Win32.Wanna.aa 20170625
Malwarebytes Ransom.WannaCrypt 20170625
McAfee Ransom-O 20170625
McAfee-GW-Edition Ransom-O 20170624
Microsoft Ransom:Win32/WannaCrypt 20170625
eScan Trojan.GenericKD.5057856 20170625
NANO-Antivirus Trojan.Win32.Wanna.eottwl 20170625
Panda Trj/RansomCrypt.K 20170625
Rising Malware.Generic.5!tfe (cloud:7SfzBq30iMV) 20170625
Sophos AV Troj/Wanna-D 20170625
Symantec Trojan.Gen.NPE 20170624
Tencent Win32.Trojan.Raas.Auto 20170625
TheHacker Trojan/Filecoder.WannaCryptor.d 20170623
TrendMicro RANSOM_WCRY.I 20170625
TrendMicro-HouseCall Suspici.41E64941 20170625
VBA32 Hoax.Wanna 20170623
ViRobot Trojan.Win32.S.WannaCry.245760 20170624
Webroot W32.Ransom.Wannacry 20170625
Yandex Trojan.Filecoder!vJ8G5Dz20yg 20170623
Zillya Trojan.WannaCry.Win32.9 20170623
ZoneAlarm by Check Point Trojan-Ransom.Win32.Wanna.aa 20170625
Zoner Trojan.Wannacry 20170625
Ad-Aware 20170625
Alibaba 20170623
CMC 20170625
CrowdStrike Falcon (ML) 20170420
Endgame 20170615
Kingsoft 20170625
nProtect 20170625
Palo Alto Networks (Known Signatures) 20170625
Qihoo-360 20170625
SentinelOne (Static ML) 20170516
SUPERAntiSpyware 20170623
Symantec Mobile Insight 20170623
Trustlook 20170625
VIPRE 20170625
WhiteArmor 20170616
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
47
Uncompressed size
16939602
Highest datetime
2017-05-12 19:19:32
Lowest datetime
2010-11-20 04:16:58
Contained files by extension
exe
4
eky
1
zip
1
res
1
pky
1
lnk
1
txt
1
Contained files by type
RTF
28
unknown
9
Portable Executable
5
ZIP
2
directory
2
BMP
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
keodynoc710/

ZipBitFlag
0

ZipModifyDate
2017:05:12 17:53:10

File identification
MD5 fccbe686b494530791adc2281c52bd35
SHA1 3820505f09800907a183a1a93284e356fac2e589
SHA256 5ea6b688997a26a10d788a76b6ea1ec264d23ef9c015c9ebb7c259a627e272ea
ssdeep
196608:tjQdo+rndViKmLA3HZhb1EVipUJT0OysRRHC2scq6:tjUt5h17pUJgOysRRHKH6

File size 7.7 MB ( 8055105 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2017-05-13 09:59:44 UTC ( 5 months, 1 week ago )
Last submission 2017-06-25 10:18:26 UTC ( 3 months, 4 weeks ago )
File names wannacry_pan.baidu.com_keodynoc710.zip
keodynoc710.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!