General
Target: 77395bac1bdc0140b9b31e54697ccdb0_wannacry_JC.exe
Size: 438KB
Sample: 230823-tmrvmsdg88
MD5: 77395bac1bdc0140b9b31e54697ccdb0
SHA1: 89e69ac24c534c063fa1928b9f3639677096d1ec
SHA256: 3c3599ec67c0df50e8fd2fd3aa12bfd6c1a06ed764d59f706686d5c56d8ffe6c
SHA512: 389608a38f0740b5aa7251fa6ff787d5e9d9a45dfd784bb9deb3964f07fc051062b2e83af32c1942837403b4de9755c1075cc45ad61b62a2d34c1c81aafef9d4
SSDEEP: 12288:XaCP5kPoMevC+4KSQzXNlkfE8ZbZ30C02StZVA5j8/Os1:SSlMXS+
Behavioral task: behavioral1
Sample: 77395bac1bdc0140b9b31e54697ccdb0_wannacry_JC.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 77395bac1bdc0140b9b31e54697ccdb0_wannacry_JC.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\read_it.txt
chaos
Targets
Target: 77395bac1bdc0140b9b31e54697ccdb0_wannacry_JC.exe
Score: 10/10
Chaos Ransomware
Modifies boot configuration data using bcdedit
Disables Task Manager via registry modification
Drops startup file
Executes dropped EXE
Drops desktop.ini file(s)
Sets desktop wallpaper using registry