General
-
Target
temp del.bat
-
Size
214B
-
Sample
240426-rb5k9adb52
-
MD5
a00b8ebb8969ec53c09034b8b42bb708
-
SHA1
3d9a8900117c7be4d3cc1f67d71911d45c88f8ff
-
SHA256
fbec71b8a0711cc36687a29e8df1f0311988e921e3e46c3ce5ab552e6a0ff94c
-
SHA512
5a8224c10a4e5d2de2c9512e019705f2efa3ff4185d58813c1fa29f60e6b60d09925c31fd257db52e71a0c1dfc57e26e1cece58bd863a40988f760febb9bee6f
Static task
static1
Malware Config
Extracted
C:\Users\Admin\Desktop\@Please_Read_Me@.txt
wannacry
12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
Targets
-
-
Target
temp del.bat
-
Size
214B
-
MD5
a00b8ebb8969ec53c09034b8b42bb708
-
SHA1
3d9a8900117c7be4d3cc1f67d71911d45c88f8ff
-
SHA256
fbec71b8a0711cc36687a29e8df1f0311988e921e3e46c3ce5ab552e6a0ff94c
-
SHA512
5a8224c10a4e5d2de2c9512e019705f2efa3ff4185d58813c1fa29f60e6b60d09925c31fd257db52e71a0c1dfc57e26e1cece58bd863a40988f760febb9bee6f
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Legitimate hosting services abused for malware hosting/C2
-
Sets desktop wallpaper using registry
-