General
Target: sample
Size: 18KB
Sample: 240220-qdrazagf8z
MD5: 931b040f03053b8bcc1c7edd3bb18636
SHA1: 81a31e6654c78af674c24dad85c643b0bb4a34e4
SHA256: 0c3e745f66e4b01b50b37adb22c73d73fed17a3c61ed14f10c790ea7557d02c1
SHA512: 7a0b97e1723385e3cc14ffad243024f6115ca14b28e64c29e832ed6125f64cc1974e8488556854c95489d350f8be79876821a2b4c474c721f0bec14f97a27b01
SSDEEP: 384:riDDpmReVoOs4QN9ylKeGMoU8Hhhb82/dt7OJLN2we0PHVJCBXQL:rwBVoOs4QryI1MiBhbL/fOgCJQQL
Static task: static1
Behavioral task: behavioral1
Sample: sample.html
Resource: win10v2004-20231215-en
Malware Config
Extracted
C:\Users\Admin\Downloads\@[email protected]
wannacry
12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
Targets
- Downloads MZ/PE file
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
- Adds Run key to start application
- Legitimate hosting services abused for malware hosting/C2
- Sets desktop wallpaper using registry
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1