General
-
Target
9f01c4411a75c7cce2dd3e797f8e5766_destroyer_wannacry_JC.exe
-
Size
27KB
-
Sample
230826-pttklabh8w
-
MD5
9f01c4411a75c7cce2dd3e797f8e5766
-
SHA1
5cbefedec484cad65830a409f0d417d7eb0aae99
-
SHA256
bcd823dfc854eaa65a2309129245ac0ed1ee894e613e90b119edb87108dbac8b
-
SHA512
82bce6de104a6be161012add397d30579e7e9562b86b179f6c0f0a51101bc1056c6fa8e69d84aca3a517b0e27a44f3e5b75f666f757e24445bd8883ad98eb62e
-
SSDEEP
384:s3tWZPzzxAm1vp5Z+BhkRS74WtRQUxhhlsNpGOtlYOy5o91PoF/82vR:sO7zxAmpkhkRS1RQUxGN47ho9Bo982J
Behavioral task
behavioral1
Sample
9f01c4411a75c7cce2dd3e797f8e5766_destroyer_wannacry_JC.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
9f01c4411a75c7cce2dd3e797f8e5766_destroyer_wannacry_JC.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
C:\ProgramData\Adobe\Updater6\read_it.txt
Targets
-
Target
9f01c4411a75c7cce2dd3e797f8e5766_destroyer_wannacry_JC.exe
-
Score
10/10
-
Chaos Ransomware
-
Modifies boot configuration data using bcdedit
-
Disables Task Manager via registry modification
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-