General
-
Target
f82762214b095a7508be150c6de5579c_wannacry_JC.exe
-
Size
112KB
-
Sample
230831-v4t7rsge8y
-
MD5
f82762214b095a7508be150c6de5579c
-
SHA1
3f55428bcd35e4d58dd2458b8cae6029b158b460
-
SHA256
1ab84bd653ca8568f107b6f4bdf38c1839bfefda66d3af8013c781f6ac04c6e8
-
SHA512
3542a364b96bbda171082b595b7e051403af0263f303ba84de9ca134a7f6294253cdf90468512405d365790370e2c72b06910435ace1094cc61e524e7388cef8
-
SSDEEP
3072:hX04v7q9ZM9yFx0ckkJEcBa491Dul6ZW:q4zq9+EqcBN9p
Behavioral task
behavioral1
Sample
f82762214b095a7508be150c6de5579c_wannacry_JC.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
f82762214b095a7508be150c6de5579c_wannacry_JC.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
f82762214b095a7508be150c6de5579c_wannacry_JC.exe
-
Size
112KB
-
MD5
f82762214b095a7508be150c6de5579c
-
SHA1
3f55428bcd35e4d58dd2458b8cae6029b158b460
-
SHA256
1ab84bd653ca8568f107b6f4bdf38c1839bfefda66d3af8013c781f6ac04c6e8
-
SHA512
3542a364b96bbda171082b595b7e051403af0263f303ba84de9ca134a7f6294253cdf90468512405d365790370e2c72b06910435ace1094cc61e524e7388cef8
-
SSDEEP
3072:hX04v7q9ZM9yFx0ckkJEcBa491Dul6ZW:q4zq9+EqcBN9p
Score10/10-
Chaos Ransomware
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Sets desktop wallpaper using registry
-