General
-
Target
EpicGlobal_V26-7.zip
-
Size
21.5MB
-
Sample
230621-rhqqnshh74
-
MD5
6719a41871dc9c1eec0175a7b9240408
-
SHA1
f117f740532f5da2022aa91f259b91dc1a5f00f3
-
SHA256
8a71c472dcc6020542b199edf5056ef07a904249d958d487faa0af182002f692
-
SHA512
d083e4de561f2f74179fe2b1b0a5e280af0bc3dad5df6b4b623c1a378af557ac6ae88531d7317f39d44a17a3e8565e63736c4614f2600e5767bcc58c70d57161
-
SSDEEP
393216:MFqukFZP0+s6CfXLsxs7Q5iBPSyEN+mH8PLWOpahU4t8zWnmomSO:XP0W6ZPSyEoGoWOrgmomN
Static task
static1
Behavioral task
behavioral1
Sample
使用说明[必看].txt
Resource
win10v2004-20230621-en
Malware Config
Extracted
C:\Users\Admin\Desktop\@Please_Read_Me@.txt
wannacry
12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
Targets
-
-
Target
使用说明[必看].txt
-
Size
26KB
-
MD5
4d84d2497055dea11078ee60dba38be1
-
SHA1
24d851ea2c98240c81b56c8b244b437a6dccb0f6
-
SHA256
1e1b29ba0c4148ddf77425f442238bac48bc591fc1a5fc92dd19c6c8bb1f266c
-
SHA512
062d65ec297ff07b628e82edf8e5f154e9cc6926ab837fc63ce5d1d9ff484e63cd405ec042bf229a56989cad9baeba59bc5a3f80a4cd77cc4491debd48f53bd0
-
SSDEEP
768:6FS6AHPZ4FTdVpn2q7ZBSk1Q8UOuTpZ9o5G9b:6+Z4FTdVpn2lBYMb
Score
10/10
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Modifies file permissions
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-