Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-28_3d92a5ba0510fa666565200a3d7f8c4f_destroyer_wannacry
-
Size
37KB
-
Sample
240528-3dxtzagf8z
-
MD5
3d92a5ba0510fa666565200a3d7f8c4f
-
SHA1
a1003312ef89abe43028f4c466e3017a461fe7eb
-
SHA256
a73988ddd7012dbea460e6afe763dfc87fa788784301db187b6bc832a1b90b3e
-
SHA512
b79b58048f019bcfee19c36d3368deba30d8088f22b107bd69f107e8647fc6db1a7174cfdb4c6cd4f16c2dee1a0c879ba8b7b675dfcd97afbb38276c17053787
-
SSDEEP
768:3qo2ZK/hpktD8Hr92rda445lTtG/lpuBYXf3oZQEqj3mIgTeM:6o2Ze8D8Hr96da445xYlwBYgqEq7mqM
Behavioral task
behavioral1
Sample
2024-05-28_3d92a5ba0510fa666565200a3d7f8c4f_destroyer_wannacry.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-05-28_3d92a5ba0510fa666565200a3d7f8c4f_destroyer_wannacry.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-28_3d92a5ba0510fa666565200a3d7f8c4f_destroyer_wannacry
-
Size
37KB
-
MD5
3d92a5ba0510fa666565200a3d7f8c4f
-
SHA1
a1003312ef89abe43028f4c466e3017a461fe7eb
-
SHA256
a73988ddd7012dbea460e6afe763dfc87fa788784301db187b6bc832a1b90b3e
-
SHA512
b79b58048f019bcfee19c36d3368deba30d8088f22b107bd69f107e8647fc6db1a7174cfdb4c6cd4f16c2dee1a0c879ba8b7b675dfcd97afbb38276c17053787
-
SSDEEP
768:3qo2ZK/hpktD8Hr92rda445lTtG/lpuBYXf3oZQEqj3mIgTeM:6o2Ze8D8Hr96da445xYlwBYgqEq7mqM
Score10/10-
Chaos Ransomware
-
Detects command variations typically used by ransomware
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-
Sets desktop wallpaper using registry
-