General
-
Target
905035d952dc9b8c7c524740da5baa43.png
-
Size
36KB
-
Sample
240428-wkd7wadc28
-
MD5
a1006c6c6d9c3df704aaa16f61df446b
-
SHA1
b3ca24d8dad28c865b1ed577b59560e2c9b0604b
-
SHA256
9b0ff8fa5c502441cfe711b32eca51a8596479bcd153084b1752d0d08e0b145b
-
SHA512
5e90c239c606c199c35710e45239519c03edff3c4bb7eaf8e5d1126510d89f34419467c2755316b9742db38f8019344e693a312f7ae9225719a7bc4d5eae4cff
-
SSDEEP
768:2gRdScmmv6EfPPYKlk3TwWzEpbilAWT93SRBGwgsjT2Edrrdy:9emdEdl5T934ssjXd/I
Static task
static1
Behavioral task
behavioral1
Sample
905035d952dc9b8c7c524740da5baa43.png
Resource
win7-20240221-en
Malware Config
Extracted
C:\Users\Admin\Documents\@[email protected]
wannacry
13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94
Targets
-
-
Target
905035d952dc9b8c7c524740da5baa43.png
-
Downloads MZ/PE file
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Sets desktop wallpaper using registry
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1