General
-
Target
RANSOMWARE-WANNACRY-2.0-master.zip
-
Size
3.3MB
-
Sample
240311-q8vxmscd21
-
MD5
017f199a7a5f1e090e10bbd3e9c885ca
-
SHA1
4e545b77d1be2445b2f0163ab2d6f2f01ec4ca05
-
SHA256
761e037ee186880d5f7d1f112b839818056f160a9ba60c7fb8d23d926ac0621f
-
SHA512
76215a26588204247027dcfdab4ea583443b2b2873ff92ad7dd5e9a9037c77d20ab4e471b8dd83e642d8481f53dbc0f83f993548dc7d151dead48dc29c1fdc22
-
SSDEEP
98304:zhvb2BVmAw0p9jIVcEj5nnZNRyA30yBSRa:zhvq7Bu6EZnZN5EyBSA
Static task
static1
Behavioral task
behavioral1
Sample
RANSOMWARE-WANNACRY-2.0-master.zip
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
RANSOMWARE-WANNACRY-2.0-master/LICENSE
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
RANSOMWARE-WANNACRY-2.0-master/README.md
Resource
win10v2004-20240226-en
Behavioral task
behavioral4
Sample
RANSOMWARE-WANNACRY-2.0-master/Ransomware.WannaCry.zip
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
C:\Users\Admin\Desktop\@[email protected]
wannacry
115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn
Extracted
C:\Users\Admin\AppData\Local\Temp\@[email protected]
wannacry
13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94
Targets
-
-
Target
RANSOMWARE-WANNACRY-2.0-master.zip
-
Size
3.3MB
-
MD5
017f199a7a5f1e090e10bbd3e9c885ca
-
SHA1
4e545b77d1be2445b2f0163ab2d6f2f01ec4ca05
-
SHA256
761e037ee186880d5f7d1f112b839818056f160a9ba60c7fb8d23d926ac0621f
-
SHA512
76215a26588204247027dcfdab4ea583443b2b2873ff92ad7dd5e9a9037c77d20ab4e471b8dd83e642d8481f53dbc0f83f993548dc7d151dead48dc29c1fdc22
-
SSDEEP
98304:zhvb2BVmAw0p9jIVcEj5nnZNRyA30yBSRa:zhvq7Bu6EZnZN5EyBSA
Score10/10-
Drops startup file
-
Executes dropped EXE
-
Modifies file permissions
-
Adds Run key to start application
-
Sets desktop wallpaper using registry
-
-
-
Target
RANSOMWARE-WANNACRY-2.0-master/LICENSE
-
Size
34KB
-
MD5
84dcc94da3adb52b53ae4fa38fe49e5d
-
SHA1
12d81f50767d4e09aa7877da077ad9d1b915d75b
-
SHA256
589ed823e9a84c56feb95ac58e7cf384626b9cbf4fda2a907bc36e103de1bad2
-
SHA512
552aec8d120c9d931769f6a6b794716fce978d0055715de21746dc0f064f4a0f72b6be42d4828b98a56715b23fa427c1f66fd20aca0ef1751cc384c420db1605
-
SSDEEP
768:Mo1acy3LTB2VsrHG/OfvMmnBCtLmJ9I7dB:MhcycsrfrnouW
Score1/10 -
-
-
Target
RANSOMWARE-WANNACRY-2.0-master/README.md
-
Size
70B
-
MD5
39148bc21924851d9082b687dc69e2dc
-
SHA1
5d1e5490476227aa8877b87aad184031e19dc33a
-
SHA256
76a94c98df32a1d37cc7f1e2b86bdc524eda3fedcdb35e57de0dd56bd976142f
-
SHA512
2415bb9de017c086abf8315e4288a04d5eb6048af2637e75843778f24de6834154b68365794b6cbc09ef5da0fe96d5bfce20227bf3656d23b7f148fb60988041
Score3/10 -
-
-
Target
RANSOMWARE-WANNACRY-2.0-master/Ransomware.WannaCry.zip
-
Size
3.3MB
-
MD5
efe76bf09daba2c594d2bc173d9b5cf0
-
SHA1
ba5de52939cb809eae10fdbb7fac47095a9599a7
-
SHA256
707a9f323556179571bc832e34fa592066b1d5f2cac4a7426fe163597e3e618a
-
SHA512
4a1df71925cf2eb49c38f07c6a95bea17752b025f0114c6fd81bc0841c1d1f2965b5dda1469e454b9e8207c2e0dfd3df0959e57166620ccff86eeeb5cf855029
-
SSDEEP
98304:vhvb2BVmAw0p9jIVcEj5nnZNRyA30yBSRT:vhvq7Bu6EZnZN5EyBSN
Score1/10 -
-
-
Target
ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
-
Size
3.4MB
-
MD5
84c82835a5d21bbcf75a61706d8ab549
-
SHA1
5ff465afaabcbf0150d1a3ab2c2e74f3a4426467
-
SHA256
ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa
-
SHA512
90723a50c20ba3643d625595fd6be8dcf88d70ff7f4b4719a88f055d5b3149a4231018ea30d375171507a147e59f73478c0c27948590794554d031e7d54b7244
-
SSDEEP
98304:QqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2g3x:QqPe1Cxcxk3ZAEUadzR8yc4gB
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Sets desktop wallpaper using registry
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1