General
-
Target
terraria-download-pc-crack
-
Size
164KB
-
Sample
230619-rev6zsfe4w
-
MD5
3534e05e07cdde9ceb0deaad5f10b139
-
SHA1
c3e452c7e636ee7ab587f478218eff824643b0b4
-
SHA256
feee28ab09d29e44a2225e27fa40dee15dd22950a0556c564c5be8808c5cb14e
-
SHA512
79b7d0d13db4517e8a85eedaf271b3db55d85daefdf819fac2e1ef40dfc0d5f3cc1f5b580b3e0342b6e9b12886699e405c451386d9bf1a645fdf7412c5d9a119
-
SSDEEP
3072:LdzW4qN3TjFElWo4Owdib+l+wRVdLeY0UjMuCI5w8KcdpBlF1pnEzmp1HTlddKUu:LdzW4qN3i4qiRVduz1
Static task
static1
Behavioral task
behavioral1
Sample
terraria-download-pc-crack.html
Resource
win10v2004-20230220-en
Malware Config
Extracted
C:\Users\Admin\AppData\Local\Temp\Temp1_WannaCrypt0r.zip\@Please_Read_Me@.txt
wannacry
12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
Targets
-
-
Target
terraria-download-pc-crack
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Sets desktop wallpaper using registry
-