× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 85ce324b8f78021ecfc9b811c748f19b82e61bb093ff64f2eab457f9ef19b186
File name: byytwrsjrbxfg387.zip
Detection ratio: 44 / 57
Analysis date: 2017-05-22 16:45:59 UTC ( 6 months, 3 weeks ago )
Antivirus Result Update
AegisLab Troj.Ransom.W32.Wanna.toNl 20170522
AhnLab-V3 Trojan/Win32.WannaCryptor.R200589 20170522
ALYac Trojan.Ransom.WannaCryptor 20170522
Antiy-AVL Trojan/Win32.Deshacop 20170522
Arcabit Trojan.Generic.D4D2D40 20170522
Avast Win32:WanaCry-A [Trj] 20170522
AVG Generic_r.SSZ 20170522
Avira (no cloud) TR/FileCoder.724645 20170522
AVware Trojan.Win32.Generic!BT 20170522
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9973 20170503
BitDefender Trojan.GenericKD.5057856 20170522
CAT-QuickHeal Ransom.WannaCrypt.A4 20170522
ClamAV Win.Trojan.Agent-6312824-0 20170522
Comodo UnclassifiedMalware 20170522
Cyren W32/Trojan.FSSE-8992 20170522
DrWeb Trojan.Encoder.11432 20170522
Emsisoft Trojan.GenericKD.5057856 (B) 20170522
ESET-NOD32 Win32/Filecoder.WannaCryptor.D 20170522
F-Prot W32/WannaCrypt.A 20170522
F-Secure Trojan.GenericKD.5057856 20170522
Fortinet W32/GenKryptik.1C25!tr 20170522
GData Trojan.GenericKD.5057856 20170522
Ikarus Trojan-Ransom.WannaCry 20170522
Jiangmin Trojan.WanaCry.a 20170522
K7AntiVirus Trojan ( 0001140e1 ) 20170522
K7GW Trojan ( 0001140e1 ) 20170522
Kaspersky Trojan-Ransom.Win32.Wanna.aa 20170522
Malwarebytes Ransom.WannaCrypt 20170522
McAfee Ransom-O 20170522
McAfee-GW-Edition Ransom-O 20170522
Microsoft Ransom:Win32/WannaCrypt!rfn 20170522
NANO-Antivirus Trojan.Win32.Wanna.eottwl 20170522
Panda Trj/RansomCrypt.K 20170522
Rising Malware.Generic.5!tfe (cloud:7SfzBq30iMV) 20170522
Sophos AV Troj/Wanna-D 20170521
Symantec Trojan.Gen.NPE 20170522
Tencent Win32.Trojan.Wannacry.Hjxi 20170522
TrendMicro TROJ_RA.43E77CDF 20170522
TrendMicro-HouseCall Suspicious_GEN.F47V0512 20170522
VBA32 Trojan.Filecoder 20170522
ViRobot Trojan.Win32.S.WannaCry.245760[h] 20170522
Webroot W32.Ransom.Wannacry 20170522
Yandex Trojan.Filecoder!vJ8G5Dz20yg 20170518
ZoneAlarm by Check Point Trojan-Ransom.Win32.Wanna.aa 20170522
Ad-Aware 20170522
Alibaba 20170522
CMC 20170521
CrowdStrike Falcon (ML) 20170130
Endgame 20170515
Sophos ML 20170519
Kingsoft 20170522
eScan 20170522
nProtect 20170522
Palo Alto Networks (Known Signatures) 20170522
Qihoo-360 20170522
SentinelOne (Static ML) 20170516
SUPERAntiSpyware 20170522
Symantec Mobile Insight 20170522
TheHacker 20170522
TotalDefense 20170522
Trustlook 20170522
VIPRE 20170522
WhiteArmor 20170517
Zoner 20170522
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
46
Uncompressed size
9926078
Highest datetime
2017-05-12 16:38:26
Lowest datetime
2010-11-20 02:16:58
Contained files by extension
exe
4
lnk
1
res
1
pky
1
eky
1
txt
1
Contained files by type
RTF
28
unknown
9
Portable Executable
5
directory
2
ZIP
1
BMP
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
byytwrsjrbxfg387/

ZipBitFlag
0

ZipModifyDate
2017:05:12 13:39:01

File identification
MD5 22a42f1a088ca55c14c2abc0169e3e5f
SHA1 18ba455efe2476730346c69cc7e7d6acfa5f074d
SHA256 85ce324b8f78021ecfc9b811c748f19b82e61bb093ff64f2eab457f9ef19b186
ssdeep
196608:/o+rndViKmLA3Hmhb1EVipUJT0OysRRHC2scqf:/tGh17pUJgOysRRHKHf

File size 6.7 MB ( 7015607 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2017-05-12 14:17:01 UTC ( 7 months ago )
Last submission 2017-05-12 21:22:50 UTC ( 7 months ago )
File names byytwrsjrbxfg387.zip
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!