Extracted

• • Target

    Screenshot 2024-02-07 8.48.34 AM.png

  • Size

    133B

  • MD5

    521cacaaf22023ade44fd92e668c55e9

  • SHA1

    5e3acca0814fb0ac983e6b00d18bed03f4f2a7ba

  • SHA256

    28f0df75300f51c0a00238fecce626cb75d14ab368b31c3e34534ecf83219699

  • SHA512

    9ea36f0a70e99636dfd7e1343c289e1716ea6e7a71806165a3699722a0aa4541c544fdc1642e0723d0401229228da57a786a95fa31245a1fb1ce603645d003a4

  Score

  10^/10

  wannacrymicrosoftdiscoverypersistencephishingransomwarespywarestealerworm

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Modifies file permissions

    discovery

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • Legitimate hosting services abused for malware hosting/C2

  • Detected potential entity reuse from brand microsoft.

    phishingmicrosoft

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1behavioral2