General
-
Target
edge.png
-
Size
424KB
-
Sample
240602-3t948sbf3t
-
MD5
9fe48c6ca871f2cd56e20bf38a16f0f8
-
SHA1
416f945df590d17bc858fbb9f3995086d059b528
-
SHA256
77ee38260b9dd87575aff3b3622ff3bd41dec221dcfb49df1c0cdf4e22ce2552
-
SHA512
0284923d3638a83d8bec319e5b62722d416291fa0abb15dc1c9bf6ff76a2774e4fb6692504fcd9f5734ded7dcaf4e90fbd2c9dd6a4cfbdb95f350f56b8a081c1
-
SSDEEP
12288:MOa/hE+Yg7pKEUzZZS0zVrcADF2vyOKQ9/69jFD2:O/O+YgsJNZ7eADo59C9py
Static task
static1
Behavioral task
behavioral1
Sample
edge.png
Resource
win11-20240426-en
Malware Config
Extracted
C:\Users\Admin\Downloads\@[email protected]
wannacry
115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn
Targets
-
-
Target
edge.png
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Downloads MZ/PE file
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Sets desktop wallpaper using registry
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder