Extracted

• • Target

    sharlotan54_2023-06-15-01-37-14_1686775034399.mp4

  • Size

    473KB

  • MD5

    25c252bc27cf7bc7997211bb9535b121

  • SHA1

    d479ae3764bc55011710e1dacdcf835c3319ea04

  • SHA256

    143e0902549cc52134118e70d9d890ac9279cab6c6239cbe85468ea37ff47956

  • SHA512

    38980abb9f6236aab581bef062ac1a207501a7b12ed089ce2f24ee9c57e3d25bad1586e5302abdd5b9ccd65bccc4a1686646ac6d71a1e94ab080e5cc7361bece

  • SSDEEP

    6144:dMWnHytWrDW2MfyJSluVKd8o+sUVTGiaO1KJivGpK/q5PpMfuvT938:dgOMfOVE+xVT5aJJieLRauy

  Score

  10^/10

  wannacrydefense_evasiondiscoveryexecutionimpactpersistenceransomwareworm

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Modifies file permissions

    discovery

  • Adds Run key to start application

    persistence

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1