Behavioral task
behavioral1
Sample
2023-08-23_e95a41155865af1c8c3f613ce84da34f_destroyer_wannacry_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
2023-08-23_e95a41155865af1c8c3f613ce84da34f_destroyer_wannacry_JC.exe
Resource
win10v2004-20230831-en
General
-
Target
2023-08-23_e95a41155865af1c8c3f613ce84da34f_destroyer_wannacry_JC.exe
-
Size
26KB
-
MD5
e95a41155865af1c8c3f613ce84da34f
-
SHA1
ea5233564c4342a62a0f32874a6e98e1b4d02443
-
SHA256
8a90f0ae242598017c07ad7062357ad0a5d6bfc82bc676cc584a94f9ae8e2160
-
SHA512
bfb6dd93e0871dff3606e9b5bb7b5a501182d741b339bfb47c6bb3af96ca353293d4c331fdf3b29ad910cd0edf876cd519493177ac973be0bfd0f37b4713bea4
-
SSDEEP
384:RjzZVQvRUXh0t1sNTFxX9ptnemoWO0Q91mH0b6JWG:gA9FhPtRXW9UUb4b
Malware Config
Signatures
-
Chaos Ransomware 1 IoCs
resource yara_rule sample family_chaos -
Chaos family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2023-08-23_e95a41155865af1c8c3f613ce84da34f_destroyer_wannacry_JC.exe
Files
-
2023-08-23_e95a41155865af1c8c3f613ce84da34f_destroyer_wannacry_JC.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ