General
-
Target
2024-03-03_1f76584eec60fa81e815ff4548d35a1c_wannacry
-
Size
594KB
-
Sample
240303-ldq8ragd8v
-
MD5
1f76584eec60fa81e815ff4548d35a1c
-
SHA1
7030dd2b4d1569cf7e422fbe77295a13a64ced06
-
SHA256
c4d3631daf1bc721b763d972a1c5b8368e51a74b8e36c671cbfd3a2bc9a0ad43
-
SHA512
39299163813c3d103b06da70da260e64b01af278efc2f1c0b9a0befe9fd51110ca48d2a899bae4bb51bddc60f90f81d147b425eb12bee440d762184537379f98
-
SSDEEP
6144:Vr9Sb9q3146ghFGjfaLl3uw7yyB8a34isaS:6SAhFGjiLlb7yK844is
Behavioral task
behavioral1
Sample
2024-03-03_1f76584eec60fa81e815ff4548d35a1c_wannacry.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-03_1f76584eec60fa81e815ff4548d35a1c_wannacry.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
C:\Users\Admin\Desktop\s3don
chaos
Targets
-
-
Target
2024-03-03_1f76584eec60fa81e815ff4548d35a1c_wannacry
-
Size
594KB
-
MD5
1f76584eec60fa81e815ff4548d35a1c
-
SHA1
7030dd2b4d1569cf7e422fbe77295a13a64ced06
-
SHA256
c4d3631daf1bc721b763d972a1c5b8368e51a74b8e36c671cbfd3a2bc9a0ad43
-
SHA512
39299163813c3d103b06da70da260e64b01af278efc2f1c0b9a0befe9fd51110ca48d2a899bae4bb51bddc60f90f81d147b425eb12bee440d762184537379f98
-
SSDEEP
6144:Vr9Sb9q3146ghFGjfaLl3uw7yyB8a34isaS:6SAhFGjiLlb7yK844is
Score10/10-
Chaos Ransomware
-
Detects command variations typically used by ransomware
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-
Sets desktop wallpaper using registry
-