General
-
Target
2023-04-12_751df604e41a7e473fd3817b4c16d5f6_wannacry.exe
-
Size
244KB
-
Sample
230413-dgqsdsac3w
-
MD5
751df604e41a7e473fd3817b4c16d5f6
-
SHA1
30d6eacf97d1a5e6ec191f75a8eb16d9da54f218
-
SHA256
be7c6e308b1d8a20cc46232fc95f6c094717f05cadb0c7a03108d969b561f68e
-
SHA512
6c546d46e6b7c0adffee2bdcf2b85b786b57fbf73c4213e39bf54e4ceaceaa5f143e0e9d57d0398464074e46c0242bd649fa80615d1dc3db32f08b061a7629d7
-
SSDEEP
6144:8+jn7PfWDycKPudCuS74kvw6Mr9zmduLb+70pKXQl29ur4cm:8+gycSzre2q+70pKXQl29ur4c
Behavioral task
behavioral1
Sample
2023-04-12_751df604e41a7e473fd3817b4c16d5f6_wannacry.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
2023-04-12_751df604e41a7e473fd3817b4c16d5f6_wannacry.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
2023-04-12_751df604e41a7e473fd3817b4c16d5f6_wannacry.exe
-
Size
244KB
-
MD5
751df604e41a7e473fd3817b4c16d5f6
-
SHA1
30d6eacf97d1a5e6ec191f75a8eb16d9da54f218
-
SHA256
be7c6e308b1d8a20cc46232fc95f6c094717f05cadb0c7a03108d969b561f68e
-
SHA512
6c546d46e6b7c0adffee2bdcf2b85b786b57fbf73c4213e39bf54e4ceaceaa5f143e0e9d57d0398464074e46c0242bd649fa80615d1dc3db32f08b061a7629d7
-
SSDEEP
6144:8+jn7PfWDycKPudCuS74kvw6Mr9zmduLb+70pKXQl29ur4cm:8+gycSzre2q+70pKXQl29ur4c
Score10/10-
Chaos Ransomware
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-