General
-
Target
xfbbxf.txt
-
Size
11B
-
Sample
240222-vc5t7acf7w
-
MD5
a7f88aebb38e4e7d672cb999ff70c19b
-
SHA1
62921eca960b42229347e3c1eee19ac909bda43c
-
SHA256
86a2cd089f59025e0c57d2a21cc4f062c234d863bbbeef1dbfc3aa18556e06e8
-
SHA512
e78473801d916f180cf81af0e9f621fe632a1bafe3150d13eac97101057f27897e140a12a6246c4d817ba2b2015b2da7bfc846b5923e3d3fd085761eb6fdd40c
Static task
static1
Behavioral task
behavioral1
Sample
xfbbxf.txt
Resource
win10v2004-20240221-en
Malware Config
Extracted
C:\Users\Admin\Downloads\@[email protected]
wannacry
12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
Targets
-
-
Target
xfbbxf.txt
-
Size
11B
-
MD5
a7f88aebb38e4e7d672cb999ff70c19b
-
SHA1
62921eca960b42229347e3c1eee19ac909bda43c
-
SHA256
86a2cd089f59025e0c57d2a21cc4f062c234d863bbbeef1dbfc3aa18556e06e8
-
SHA512
e78473801d916f180cf81af0e9f621fe632a1bafe3150d13eac97101057f27897e140a12a6246c4d817ba2b2015b2da7bfc846b5923e3d3fd085761eb6fdd40c
-
Downloads MZ/PE file
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Sets desktop wallpaper using registry
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1