General
-
Target
2024-02-29_02b069c665a623a1f5624eca23e93531_wannacry
-
Size
115KB
-
Sample
240229-bsgyhsab2y
-
MD5
02b069c665a623a1f5624eca23e93531
-
SHA1
61f4fc34711a714cb29f4b9f74911e9c89997a83
-
SHA256
77c6b723977f4853e12c83840f1ea3a3e62c22e586273880dad377b8bfe95d7b
-
SHA512
e3dab7f2a5596bba14e95f8fe04d2b308df0eb47394d7fd12451aaba245578170bd5192757f0d5bc52abedaa5f70ebe454fd7ae759e93fd71ce172488a1c34e7
-
SSDEEP
3072:Boy3MtAr9zjAoclgHqO6pshDPbSk7nXE:Fxr9zYO6sFeKnX
Behavioral task
behavioral1
Sample
2024-02-29_02b069c665a623a1f5624eca23e93531_wannacry.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-29_02b069c665a623a1f5624eca23e93531_wannacry.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-02-29_02b069c665a623a1f5624eca23e93531_wannacry
-
Size
115KB
-
MD5
02b069c665a623a1f5624eca23e93531
-
SHA1
61f4fc34711a714cb29f4b9f74911e9c89997a83
-
SHA256
77c6b723977f4853e12c83840f1ea3a3e62c22e586273880dad377b8bfe95d7b
-
SHA512
e3dab7f2a5596bba14e95f8fe04d2b308df0eb47394d7fd12451aaba245578170bd5192757f0d5bc52abedaa5f70ebe454fd7ae759e93fd71ce172488a1c34e7
-
SSDEEP
3072:Boy3MtAr9zjAoclgHqO6pshDPbSk7nXE:Fxr9zYO6sFeKnX
Score10/10-
Chaos Ransomware
-
Detects command variations typically used by ransomware
-
Renames multiple (222) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-
Sets desktop wallpaper using registry
-