General
-
Target
2023-08-26_ef4ec2e14b72f57c074d4faa814fb0d4_wannacry_JC.exe
-
Size
6.1MB
-
Sample
231001-zwt91sfc72
-
MD5
ef4ec2e14b72f57c074d4faa814fb0d4
-
SHA1
8741a96e0c7a7ffc40db2cd486205a420a3c236e
-
SHA256
22567b0583fff8716864bcd95e13fe4988fe454ec0289a460020a224380aa09d
-
SHA512
b758cd68aff007cbf99b330a927130a60807bd4b56f557167b37cbfa90275758671c007eb99830bc001c989107476dc16b8febbfccb7dbd06f89106b7fc4eb29
-
SSDEEP
49152:1KryVO/DnYD+fh/PckIa0MiMpk/7DI1NQCmiIgI3uqyHAK/S:
Behavioral task
behavioral1
Sample
2023-08-26_ef4ec2e14b72f57c074d4faa814fb0d4_wannacry_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
2023-08-26_ef4ec2e14b72f57c074d4faa814fb0d4_wannacry_JC.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
2023-08-26_ef4ec2e14b72f57c074d4faa814fb0d4_wannacry_JC.exe
-
Size
6.1MB
-
MD5
ef4ec2e14b72f57c074d4faa814fb0d4
-
SHA1
8741a96e0c7a7ffc40db2cd486205a420a3c236e
-
SHA256
22567b0583fff8716864bcd95e13fe4988fe454ec0289a460020a224380aa09d
-
SHA512
b758cd68aff007cbf99b330a927130a60807bd4b56f557167b37cbfa90275758671c007eb99830bc001c989107476dc16b8febbfccb7dbd06f89106b7fc4eb29
-
SSDEEP
49152:1KryVO/DnYD+fh/PckIa0MiMpk/7DI1NQCmiIgI3uqyHAK/S:
Score10/10-
Chaos Ransomware
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-
Sets desktop wallpaper using registry
-