General
-
Target
Screenshot 2024-02-07 8.48.34 AM.png
-
Size
133B
-
Sample
240212-w3mlzace82
-
MD5
521cacaaf22023ade44fd92e668c55e9
-
SHA1
5e3acca0814fb0ac983e6b00d18bed03f4f2a7ba
-
SHA256
28f0df75300f51c0a00238fecce626cb75d14ab368b31c3e34534ecf83219699
-
SHA512
9ea36f0a70e99636dfd7e1343c289e1716ea6e7a71806165a3699722a0aa4541c544fdc1642e0723d0401229228da57a786a95fa31245a1fb1ce603645d003a4
Static task
static1
Behavioral task
behavioral1
Sample
Screenshot 2024-02-07 8.48.34 AM.png
Resource
win10v2004-20231215-en
Behavioral task
behavioral2
Sample
Screenshot 2024-02-07 8.48.34 AM.png
Resource
win11-20231215-en
Malware Config
Extracted
C:\Users\Admin\Downloads\@[email protected]
wannacry
12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
Targets
-
-
Target
Screenshot 2024-02-07 8.48.34 AM.png
-
Size
133B
-
MD5
521cacaaf22023ade44fd92e668c55e9
-
SHA1
5e3acca0814fb0ac983e6b00d18bed03f4f2a7ba
-
SHA256
28f0df75300f51c0a00238fecce626cb75d14ab368b31c3e34534ecf83219699
-
SHA512
9ea36f0a70e99636dfd7e1343c289e1716ea6e7a71806165a3699722a0aa4541c544fdc1642e0723d0401229228da57a786a95fa31245a1fb1ce603645d003a4
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Sets desktop wallpaper using registry
-