General
-
Target
MaxsStupidZipFileScanner.exe
-
Size
200KB
-
Sample
240420-t8mstach27
-
MD5
e48a10bfe0b5fc70fb5fb201e2a15a8e
-
SHA1
4d1acd4e53fcd1ca471931297939057418426a8a
-
SHA256
e67846454c5c7e86cb077a5c349b8ce526515101bf1c66b7af44d5c099b0bb72
-
SHA512
5352843bc600823a5825d6f3c36ed5f2660e0291ff8059b5baa86f69ecdd0b40a05e3c9a0a2e265c8ad57dbdf138f4facaf2f30412265b4c786de7022589110e
-
SSDEEP
6144:dQnaLViJ8gQZsEezHMg/afKh+tHA6TcWOchSI5Ezwtgz:dQn6i2yEezsg/aSMtHA6wWO8SeEzwtgz
Static task
static1
Behavioral task
behavioral1
Sample
MaxsStupidZipFileScanner.exe
Resource
win7-20240220-en
Malware Config
Extracted
C:\Users\Admin\Documents\@Please_Read_Me@.txt
wannacry
13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94
Targets
-
-
Target
MaxsStupidZipFileScanner.exe
-
Score
10/10
-
Modifies file permissions
-
Legitimate hosting services abused for malware hosting/C2
-