General
-
Target
db28ec41adb0407d75fd2e95cfbfee2ab8053700a78933e5091b7bc1741feea4.bin.sample
-
Size
3.4MB
-
Sample
211018-tlpnwsehan
-
MD5
8ca0780db84fa71fee7a6a3dec66fd57
-
SHA1
096cc82acd58ea61a532c05e9bde7ed102cade40
-
SHA256
db28ec41adb0407d75fd2e95cfbfee2ab8053700a78933e5091b7bc1741feea4
-
SHA512
273f93b62682158b06e28b553579c0b36ea60f25aec095827fda00f3fe2465f30fc07ca1b579bbbecbc3296a33555e862f675f3f70a4450f8205f8c5cb58235b
Static task
static1
Behavioral task
behavioral1
Sample
db28ec41adb0407d75fd2e95cfbfee2ab8053700a78933e5091b7bc1741feea4.bin.sample.exe
Resource
win10-en-20210920
Malware Config
Extracted
C:\Users\Admin\AppData\Local\Temp\@Please_Read_Me@.txt
wannacry
115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn
Targets
-
-
Target
db28ec41adb0407d75fd2e95cfbfee2ab8053700a78933e5091b7bc1741feea4.bin.sample
-
Size
3.4MB
-
MD5
8ca0780db84fa71fee7a6a3dec66fd57
-
SHA1
096cc82acd58ea61a532c05e9bde7ed102cade40
-
SHA256
db28ec41adb0407d75fd2e95cfbfee2ab8053700a78933e5091b7bc1741feea4
-
SHA512
273f93b62682158b06e28b553579c0b36ea60f25aec095827fda00f3fe2465f30fc07ca1b579bbbecbc3296a33555e862f675f3f70a4450f8205f8c5cb58235b
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Sets desktop wallpaper using registry
-