General
Target
4186675cb6706f9d51167fb0f14cd3f8fcfb0065093f62b10a15f7d9a6c8d982
Size
3.6MB
Sample
220708-f54ehabcdl
MD5
5bef35496fcbdbe841c82f4d1ab8b7c2
SHA1
50049556b3406e07347411767d6d01a704b6fee6
SHA256
4186675cb6706f9d51167fb0f14cd3f8fcfb0065093f62b10a15f7d9a6c8d982
SHA512
874424429d6aaac293717ad6d5deadb4227cc5e3c6376bdd362b2f1bee3d28a819c5e9aae991179c6702a0c4fbb7ec5c4a64297b8e9587c3b6cbae0bd0d98225
Static task
static1
Behavioral task
behavioral1
Sample
4186675cb6706f9d51167fb0f14cd3f8fcfb0065093f62b10a15f7d9a6c8d982.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
4186675cb6706f9d51167fb0f14cd3f8fcfb0065093f62b10a15f7d9a6c8d982.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
C:\ProgramData\dlkzpibqectdraf799\@Please_Read_Me@.txt
wannacry
115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn
Targets
Target
4186675cb6706f9d51167fb0f14cd3f8fcfb0065093f62b10a15f7d9a6c8d982
Score
10/10
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
Executes dropped EXE
Modifies file permissions