General
-
Target
2Q.png
-
Size
93KB
-
Sample
230112-d1lb1sah8s
-
MD5
87234dff69f6c8edfaf828a5d491c886
-
SHA1
69902f3c575191db8114aa34f99b27ceae3a9f72
-
SHA256
a1b8367e1a43860d9e7c21717010e7526e768e662188435186cbb6a22727e8d3
-
SHA512
8b7899ad50f240bed801d382de6d5949b3cafd784af71afa10d77ee313aede798cebcdb2462adc720fb86e81f5a83811265c04bb32d2b886fb1412fd05a32a0b
-
SSDEEP
1536:Q2gTuxN24PkS8TqF9xbbP+q6le0chqfWdrzQkdjTi/NAj5n6kKGhL88Yoz9IbYVy:R0ux1kS8+F9xT6leJEfUrEyjO1AjUGha
Static task
static1
Behavioral task
behavioral1
Sample
2Q.png
Resource
win7-20221111-es
Malware Config
Extracted
C:\Users\Admin\Downloads\@Please_Read_Me@.txt
wannacry
115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn
Targets
-
Executes dropped EXE
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Sets desktop wallpaper using registry
-