General

  • Target

    2024-04-13_0d0ec10adf72d3c4f9f4d8aa2d28b84b_destroyer_wannacry

  • Size

    36KB

  • Sample

    240413-xeg71sfh99

  • MD5

    0d0ec10adf72d3c4f9f4d8aa2d28b84b

  • SHA1

    2f22d5b19caa97c914a10c47c75ddde5cec0a417

  • SHA256

    2acb33d8616a027487308629ee9271d2602065341f74ea0be18b526dff62d3cf

  • SHA512

    d3480179ea8681a3a06f60bce1c769ec0bd8d7e3a170d3a7783b42330168c0c0978a7ed16174e4a3938822d1a573c4667e16aa2326194e2043bffcedb85c6658

  • SSDEEP

    768:kqo2Vc72OYpkdcE6r94t2W+bcf8EAndDyjweg:zo2+qpE6r94d+YZJg

Targets

    • Chaos

      Ransomware family first seen in June 2021.

    • Chaos Ransomware

    • Detects command variations typically used by ransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops desktop.ini file(s)

    • Sets desktop wallpaper using registry
