General
-
Target
Database1.accdb
-
Size
1.7MB
-
Sample
240422-rpzxxscc62
-
MD5
2caba728ef51535a44667439e5d8a1b3
-
SHA1
b61228b5dd4ee852c2be6a31f00afd4634fc21a9
-
SHA256
e85f9e98d41c7c13ecd17fa91f526e0220a9b969b1b8f0160aa0e5260c96f5cc
-
SHA512
2e4e759ec47becec7d7fe2ed3157cab93133fb50080b926508be5f3caaceacc60ba9524e8be642da33699ffe34b698c70eeb8bbbbe111cf7eb2408913671a9f0
-
SSDEEP
1536:IOgCkJnoq6PzerUx+xFM9gVRABURlxFeFsBWBjdbVKBnRtsVgAFbtB9XB98xE9QJ:I9no5ery+BUC
Static task
static1
Behavioral task
behavioral1
Sample
Database1.accdb
Resource
win11-20240412-en
Malware Config
Extracted
C:\Users\Admin\Desktop\WannaCry-main\@Please_Read_Me@.txt
wannacry
12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
Targets
-
-
Target
Database1.accdb
Score
10/10
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Sets desktop wallpaper using registry
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)