Extracted

Extracted

• • Target

    test.vbs

  • Size

    589B

  • MD5

    94d9611bf2c6e0caa430b1b0b808da1e

  • SHA1

    723de46bdda58dd345b0c0bfd8bdbc33ea1931ec

  • SHA256

    8cf91cb3c0524feabe3b9502aa36ec58003e9e0db849901948cd335caf0e4f66

  • SHA512

    6baddf54c364c1c39bccd4f3e78f2b97f62297382c46642f6fc921fb2bc950e3ee44c6f94b5447c13faa028d9bc706ee9784582188e7a07fd3805de836b63e8e

  Score

  10^/10

  ransomwarewormwannacryspywarediscoverypersistence

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Blacklisted process makes network request

  • Executes dropped EXE

  • Deletes itself

  • Drops startup file

  • Loads dropped DLL

  • Modifies file permissions

    discovery

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Adds Run entry to start application

    persistence

  • Modifies service

    persistence

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1behavioral2