General
-
Target
WINDOWS.ogg
-
Size
8KB
-
Sample
240419-ze9clsfg31
-
MD5
aca888b75179824d2123d95e1156c524
-
SHA1
947c1c5288171be8a83da83c3e7315cd6991cc8c
-
SHA256
058630d422fafd5fe0e2a7a56ec61fc4e6e3dda9f4b517e1af3b3a550038c127
-
SHA512
bba51c41aff9930ba791cce4f23b3337be03d3726459f50dbc6fa5b46e4e1fe3c6028a60552411e974f51ad26e77a00fe1341508264d1f0ba7bd66e1bbf3ac65
-
SSDEEP
96:oZIviwiIXrhoDzogccPb8NYG1hl2IdsdzIZS8uEk/lb49TKhM8Ia/1AB:oZ0iOrnghPsH1rSdzCS8uE6lbl1
Static task
static1
Behavioral task
behavioral1
Sample
WINDOWS.ogg
Resource
win11-20240412-en
Malware Config
Extracted
C:\Users\Admin\Desktop\@Please_Read_Me@.txt
wannacry
12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
Targets
-
-
Target
WINDOWS.ogg
-
Score
10/10
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Sets desktop wallpaper using registry
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder