General
-
Target
ae686cc7d29c227866d537b5330c45dc0df0c28533607c9af75349484686298d
-
Size
190KB
-
Sample
240417-rmxpsabe69
-
MD5
933174b556aa7d9fb88f6fcb402bbff8
-
SHA1
4c5635dfd2419b3f69898afbae60df535e9aff20
-
SHA256
ae686cc7d29c227866d537b5330c45dc0df0c28533607c9af75349484686298d
-
SHA512
ed790add1c1372e6c6cd1626c5c82ae47b630262d9a1151b8191df6375323f66cebd39c5dedf84b135f7f062d692a3881a966985f909b5bbecae096715f33c2f
-
SSDEEP
3072:J35Enh9t7UFGD35kcbJMyVemPzG32oWUN9Rm1gzqq+C4AGDyHpecD+d/JG4uq0Pd:J35yUFGt/bLziCzazF+VAGhcD+d/UoYd
Static task
static1
Behavioral task
behavioral1
Sample
be22645c61949ad6a077373a7d6cd85e3fae44315632f161adc4c99d5a8e6844.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
be22645c61949ad6a077373a7d6cd85e3fae44315632f161adc4c99d5a8e6844.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
C:\Users\Admin\Documents\!Please Read Me!.txt
wannacry
15zGqZCTcys6eCjDkE3DypCjXi6QWRV6V1
Targets
-
-
Target
be22645c61949ad6a077373a7d6cd85e3fae44315632f161adc4c99d5a8e6844.exe
-
Size
224KB
-
MD5
5c7fb0927db37372da25f270708103a2
-
SHA1
120ed9279d85cbfa56e5b7779ffa7162074f7a29
-
SHA256
be22645c61949ad6a077373a7d6cd85e3fae44315632f161adc4c99d5a8e6844
-
SHA512
a15f97fad744ccf5f620e5aabb81f48507327b898a9aa4287051464019e0f89224c484e9691812e166471af9beaddcfc3deb2ba878658761f4800663beef7206
-
SSDEEP
3072:Y059femWRwTs/dbelj0X8/j84pcRXPlU3Upt3or4H84lK8PtpLzLsR/EfcZ:+5RwTs/dSXj84mRXPemxdBlPvLzLeZ
Score10/10-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Sets desktop wallpaper using registry
-