General
Target
https://github.com/ytisf/theZoo/blob/b013182f34eecab0aca5b7b9c29bcedc01908666/malware/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip
Sample
211203-flw63shfg8
Static task
static1
URLScan task
urlscan1
Sample
https://github.com/ytisf/theZoo/blob/b013182f34eecab0aca5b7b9c29bcedc01908666/malware/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip
Behavioral task
behavioral1
Sample
https://github.com/ytisf/theZoo/blob/b013182f34eecab0aca5b7b9c29bcedc01908666/malware/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip
Resource
win10-en-20211014
Malware Config
Extracted
C:\Users\Admin\AppData\Local\Temp\Temp1_Ransomware.WannaCry.zip\@[email protected]
wannacry
115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn
Targets
Target
https://github.com/ytisf/theZoo/blob/b013182f34eecab0aca5b7b9c29bcedc01908666/malware/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip
Score 10/10
Executes dropped EXE
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops startup file
Loads dropped DLL
Modifies file permissions
Adds Run key to start application
Sets desktop wallpaper using registry