8cdd2fe5990836816361ce46cce780a56b70456ae2b4c6595fcb6cc2601c754a | Triage

Sharing

General

Target

WannaBitcoin.exe
Size

12.3MB
Sample

211220-r2vhzabfcq
MD5

114edffe6d90393ac464866ddf138f90
SHA1

97ebbf910fd31a626126311453f8ee87171eb92d
SHA256

8cdd2fe5990836816361ce46cce780a56b70456ae2b4c6595fcb6cc2601c754a
SHA512

1197d4e60bfc67d2b2cb13b424394bb8e6d5086514fc9c8965171a5b544b714405dd861bac058cac9c532e6d18b23344c41111dbb9db353a822910cfb40b155c

Score

8^/10

ransomware

Malware Config

Targets

- Target
  
  WannaBitcoin.exe
- Size
  
  12.3MB
- MD5
  
  114edffe6d90393ac464866ddf138f90
- SHA1
  
  97ebbf910fd31a626126311453f8ee87171eb92d
- SHA256
  
  8cdd2fe5990836816361ce46cce780a56b70456ae2b4c6595fcb6cc2601c754a
- SHA512
  
  1197d4e60bfc67d2b2cb13b424394bb8e6d5086514fc9c8965171a5b544b714405dd861bac058cac9c532e6d18b23344c41111dbb9db353a822910cfb40b155c
Score

8^/10

ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops desktop.ini file(s)
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Tasks

static1

behavioral1

behavioral2