wannacry

Resubmissions

19-06-2024 05:03

240619-fpp7yavama 10

19-06-2024 04:58

240619-flwwbathrc 10

Sharing

Copy URL

Twitter E-mail

General

Target

StepMania-5.0.12-win32.exe
Size

49.4MB
Sample

240619-flwwbathrc
MD5

605ba6b62e64df3b2f0425ca04cedd8d
SHA1

f8845d9be37439411a7f588a3d1fd8bbd266466a
SHA256

b3a6c5f70cc35fa5a756e489b545d495309b2abdc5efaa7a78abbacdc2aa8f2c
SHA512

eb27737bad275bfc0e55404e2610ca49556cfd0a65c70d92e205aaf45fd543dd864a9274a98b6576458fe77f338e5c25db6e84e7915e7e91e37c292c631239a3
SSDEEP

1572864:7hkWrKNvdEimW99HuP2L8BUIAnFCJwHlN:7uv5mwS2LRnFCJwHX

Score

10^/10

Malware Config

Extracted

Path

C:\Users\Admin\Downloads\WannaCry-main\@[email protected]

Family

wannacry

Ransom Note

Q: What's wrong with my files? A: Ooops, your important files are encrypted. It means you will not be able to access them anymore until they are decrypted. If you follow our instructions, we guarantee that you can decrypt all your files quickly and safely! Let's start decrypting! Q: What do I do? A: First, you need to pay service fees for the decryption. Please send $300 worth of bitcoin to this bitcoin address: 13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94 Next, please find an application file named "@[email protected]". It is the decrypt software. Run and follow the instructions! (You may need to disable your antivirus for a while.) Q: How can I trust? A: Don't worry about decryption. We will decrypt your files surely because nobody will trust us if we cheat users. * If you need our assistance, send a message by clicking <Contact Us> on the decryptor window. �

Wallets

13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

Targets

- Target
  
  StepMania-5.0.12-win32.exe
- Size
  
  49.4MB
- MD5
  
  605ba6b62e64df3b2f0425ca04cedd8d
- SHA1
  
  f8845d9be37439411a7f588a3d1fd8bbd266466a
- SHA256
  
  b3a6c5f70cc35fa5a756e489b545d495309b2abdc5efaa7a78abbacdc2aa8f2c
- SHA512
  
  eb27737bad275bfc0e55404e2610ca49556cfd0a65c70d92e205aaf45fd543dd864a9274a98b6576458fe77f338e5c25db6e84e7915e7e91e37c292c631239a3
- SSDEEP
  
  1572864:7hkWrKNvdEimW99HuP2L8BUIAnFCJwHlN:7uv5mwS2LRnFCJwHX
Score

10^/10

wannacry defense_evasion discovery persistence ransomware spyware stealer worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- File and Directory Permissions Modification: Windows File and Directory Permissions Modification
  defense_evasion
- Legitimate hosting services abused for malware hosting/C2
- Sets desktop wallpaper using registry
  ransomware
behavioral1
- Target
  
  BackgroundEffects/Centered.lua
- Size
  
  431B
- MD5
  
  4ac6a23c6e47877060b1fe1eb9acb8a1
- SHA1
  
  52b19a2a0aef3855caabd2300cfe62f9c340dcb0
- SHA256
  
  3e9099fc6e514fc818eee2a0ef2783d4fd10a51bf0d577b05e5a8d58b2e18ec5
- SHA512
  
  7ad0302541f0301fc7344060f0257128c2d42c7c78e0235deca56881637a6371f496910ca65be845680b9ab1418b89c71d9c15abc8204d806490fbf16b1f8e90
Score

3^/10

execution
behavioral2
- Target
  
  BackgroundEffects/Checkerboard1File2x2.lua
- Size
  
  1KB
- MD5
  
  5e6c58e33e2af7bdc40ef0f2074b4043
- SHA1
  
  96ae405fa411bfcc94a90e469997118d2a1637e4
- SHA256
  
  4c538c93188e65ce27b2ece1c455e47fe56e2acf5a5d77bd104adf12180308cf
- SHA512
  
  76292b00895fafd9ed2311404133fd279f2be0840111c816241c4e1024b0921e9946a6cf4507cbbb6419da8485a1a04653285f0ea6bb536532881bf9beadc7f4
Score

3^/10

execution
behavioral3
- Target
  
  BackgroundEffects/Checkerboard2File2x2.lua
- Size
  
  1KB
- MD5
  
  405b5e3c23bd6fb7168b59898a308cd0
- SHA1
  
  5fedfd591b569c867f0a1c035612a365878e7b7a
- SHA256
  
  fc9f014b1cf15f4231b764200a8701fcf2dc8ebfeccfcefb51040d619f1630cf
- SHA512
  
  74c33ab45e95ed3f2f33ee5f522b4a42c3f9f0a86c8642061f2a913f38784cadbdf10807a4163bc472ebe929ee32b208235c66dcd9b535567deaf2b90416c011
Score

3^/10

execution
behavioral4
- Target
  
  BackgroundEffects/Checkerboard2x2.lua
- Size
  
  1KB
- MD5
  
  fb26a1dff631299fbc1c73ccad9c1af6
- SHA1
  
  5dd15135bc5121ce4f16e5197c87b7032fd4d56f
- SHA256
  
  9dde2e1f4614b1e5edf2002ea32011e22b7aa0991f31b553812ef78a941b6541
- SHA512
  
  0420bcd7b0df30e1d782d0487d034779afd262be8eaaa791bb8b16b5f6ef5c28565cffc228992151f6b8cfb3edfc70ba0f75445add458beffc2c7072bc863dc6
Score

3^/10

execution
behavioral5
- Target
  
  BackgroundEffects/File2Flash.lua
- Size
  
  962B
- MD5
  
  b037b99f12a54f001779a50a0a22ed53
- SHA1
  
  6a94bd9fbbe4a26a29f4fe4445508085edcf5354
- SHA256
  
  f780c79366919f02238cd93a94b02b76defb46343e4611f6a9378b9465e19f59
- SHA512
  
  2acf5220a5f00c2222e35621cf284be1bc2fc23950bc4de3435b957e68fa2a197b80b80c14918facadd41dcc1d8cbd437d318e6c9c2a38f71ab6768af3ac745b
Score

3^/10

execution
behavioral6
- Target
  
  BackgroundEffects/File2Normal.lua
- Size
  
  934B
- MD5
  
  ed1fc9e24a9ce8a6967a1287d5e5ad05
- SHA1
  
  92a87670714ab12b859b1c8693d65cf57486b558
- SHA256
  
  9de71c0d5cbd9d3962259666e6da8dd1312867d76b249982473447bd077f439a
- SHA512
  
  12a9a26ccdebae703abfdb9e58897c816b3551c048e3430d0a9d700aae16ed50bb1142431282cecd9f8798783c620f19b46156d21163227e88782e0da27fa81a
Score

3^/10

execution
behavioral7
- Target
  
  BackgroundEffects/Kaleidoscope2x2.lua
- Size
  
  1KB
- MD5
  
  d9cec9ce4d9db5f96f01387f14267e62
- SHA1
  
  85d8cd8c757b1e53537a9acae42695544a0803bf
- SHA256
  
  612852916e4c298821d5f02419d4ff55015a4e77e430d3cf000cc394f8ca0f67
- SHA512
  
  33d8fe4bad5e60edac19d238a1aacf66c067befb8ad2114ece6567a0a8d527b62cb386a90d453fe038e14ce67731b99fc2e8329b723b88298f1f77dab593f524
Score

3^/10

execution
behavioral8
- Target
  
  BackgroundEffects/SongBgWithMovieViz.lua
- Size
  
  903B
- MD5
  
  1aa837c94723077f598e886475105cd9
- SHA1
  
  d85c72f640c77d93c0dca952546f686dfedd97fc
- SHA256
  
  ec9ae9d8bd6613d45fb17d0932cc8ecf139884b5e76d8558924336be4608108b
- SHA512
  
  0483ad4513b9bdb0954c0158c71196a733cedb9b3757be21dc005123dfa92b441c357799cc7c6cd014aebd0fb14edc89bd0883605ebbf4cad8d8108639f74b3c
Score

3^/10

execution
behavioral9
- Target
  
  BackgroundEffects/StretchNoLoop.lua
- Size
  
  875B
- MD5
  
  b080d892924f795106f4d2778db1f179
- SHA1
  
  3a4cb2a18d28110e471ad8ec2b504e6805edd969
- SHA256
  
  a26f8a483595ae45d1814f4bee0b186f795dfe1fe27933a49bb8afbf5694aafc
- SHA512
  
  c5983356dfe9244d12fb9a8a719aa3b0865185071e36641949f7ae43816dac652575612afc754b510411ec609aa76937553bc462e0e8f30b79aab7938334c371
Score

3^/10

execution
behavioral10
- Target
  
  BackgroundEffects/StretchNormal.lua
- Size
  
  494B
- MD5
  
  648875778ec83750ebc554512a6f1c66
- SHA1
  
  34d5cb4f6186531d6ffc2b0b7ececd4415370f81
- SHA256
  
  cd1fd29b7b7dddace51ba66c71111d1113d44d69ad09b41b793f98d5f303c334
- SHA512
  
  25d0ca45f97513bd6ffa61a58ac7cd3e1d8a2b2038404b2ae019228521e3b2379c89a9ad849639b942b80ae4a5ebef0fa201dce4202a0376237eceaa34f9208a
Score

3^/10

execution
behavioral11
- Target
  
  BackgroundEffects/StretchNormalAlignLeft.lua
- Size
  
  505B
- MD5
  
  6afc340f2dc54c31443642d3c658e4f4
- SHA1
  
  70539cb6e48ae601a7be93a6ec2607005dfd1a52
- SHA256
  
  e3711af45c283ce145731662c62082de3c487ce1ba2e38d50175200f903bda98
- SHA512
  
  840eb9eeb1cb1150fb8f44f73a35f1c94e812102732a242b814afc1b48f3fff578de3b7bf72c021cfdfb2f68b31fb911eca0d337d0e305a8fde643961e53270b
Score

3^/10

execution
behavioral12
- Target
  
  BackgroundEffects/StretchNormalBlue.lua
- Size
  
  505B
- MD5
  
  6f8f2aa81f188e78023111377101b9d3
- SHA1
  
  349e139f8214cc72dcc8f9feb10dd927442b9660
- SHA256
  
  b1c74374be0bc62947b07339616e24f10ea8d120474c530173b87b8038feb726
- SHA512
  
  88cb6b21964dd8963cca416dc4e3299dd5d338602e47246af0b61f657032501484a020d54685ab3ac9a722d3a694eca4ab86b8c1bf64304bec55a441451f264a
Score

3^/10

execution
behavioral13
- Target
  
  BackgroundEffects/StretchNormalGreen.lua
- Size
  
  507B
- MD5
  
  26c05920d941c908184e051a1f0c1d03
- SHA1
  
  8d5bc5348b62bbd3c9650e238679f769e7b0ac6c
- SHA256
  
  79562eca527f187215128a7dc084669819ea93c2c57aad7a196bfef260bbe3b6
- SHA512
  
  597bc08a3b2df15cab1e098b9619dccc55c2fabe96c9d2275d2133503e949e3bff7111e5252db8c64ea9463f92d3cdb97f6ed461d1091a5d8b64524e3a4b252a
Score

3^/10

execution
behavioral14
- Target
  
  BackgroundEffects/StretchNormalRed.lua
- Size
  
  505B
- MD5
  
  1bcacd8905ca7cf600a2118044a8c744
- SHA1
  
  31d336f16b183c1d8c524c3eaef9602c53acade2
- SHA256
  
  44c035cbd84e3b92a196a360f056aeaa96f4e2fb1d7ded1e5bcdfa35f8d53d0a
- SHA512
  
  fdf40400b7ad86447370a6183b24a1d8a0bc693383838e0f9a08138d14c819523fcd56fbaea06bba46645bb33d1c4462847c139686708646e2e1ec4cc8c29646
Score

3^/10

execution
behavioral15
- Target
  
  BackgroundEffects/StretchPaused.lua
- Size
  
  476B
- MD5
  
  ac7302e2ec296de206d795196f19f25e
- SHA1
  
  4651ce724e9cb912e9dff6b651f4082fbd3110af
- SHA256
  
  310f1624b82ed19e0754efacea9ce94a2e8c9fc2be7b236ac7fd37f2b0973990
- SHA512
  
  623555f5003dc3177633e9e9fe4c5185c99b99751bc8bd8a267fc6c07b5d95f87b9b696f41e1cc631b9a578574cea8039f1baf96ff9b5c0d3a3b92b02eb76cbc
Score

3^/10

execution
behavioral16
- Target
  
  BackgroundEffects/StretchRewind.lua
- Size
  
  558B
- MD5
  
  12106c6fc635bae3cbfd8bfe6bc012e9
- SHA1
  
  1eb2c3544d2a0c0b9aa685b0846f21f492856b32
- SHA256
  
  a27e3e86eb08c9eb391ed32469a342e9633eb64062d13ebaff6731214529ef28
- SHA512
  
  93ae3eff2f44b1a9038656211bf2b5aa8d1fdefcc91d1d63236cc1cbe9ca5eac484e0a73a9caf95147221052fd4ca62e9b5302b81ccd17eff52ff89b643d8684
Score

3^/10

execution
behavioral17
- Target
  
  BackgroundEffects/UpperLeft.lua
- Size
  
  427B
- MD5
  
  c7f88fd9d10fbcad42bf599a98781761
- SHA1
  
  42cfab6551a2500bc912c2e07397abf7cd93b275
- SHA256
  
  6c79cda7d3e62aca6bf39d2f77ebb73b6da66f909c19e670343d439f82163d61
- SHA512
  
  77c638348a97bc8a340db362a9eed73f3a3030f4598eb2d8d4b6988cda5268c6b2e3e832e3a6f66b7e29485b03d3f28dfc2421a95ef474c032d8233d450b7b1e
Score

3^/10

execution
behavioral18
- Target
  
  BackgroundEffects/Visualization2File.lua
- Size
  
  930B
- MD5
  
  053c0d2fb9be998fcf88b81e577a0201
- SHA1
  
  2380e95654f084bbe70fe353dc95375ce485c23e
- SHA256
  
  be514af2354310a85ece92c3642622958c53a61867ea57a0b6796061ab0916ff
- SHA512
  
  74a276707a6f1c6a4f3c9a776734b83d0636d04034633b23c5d7e476eb562af56bc1f5d7d75baaecf47f717fcff8640227c70c7a075dad3b51e1e5df32561c50
Score

3^/10

execution
behavioral19
- Target
  
  BackgroundEffects/Visualization2FileFlash.lua
- Size
  
  985B
- MD5
  
  38eedf7616c0aae98c157bef2074e530
- SHA1
  
  de3ae3acb5561ede02cb60b1aaa1a29a7750bb2e
- SHA256
  
  a4b5c7b46def02e3b078e0b57029cbe21010fbf37689b0eac29dfb0f6687c118
- SHA512
  
  7f203e270259f31d92548674eacdef2a4adb0ec99213e253c96faacc5b42f5fb02d24da15e7cef30054f244be0b3dbc4e6954edea9964ed684b9e3029f88ba6c
Score

3^/10

execution
behavioral20
- Target
  
  NoteSkins/beat/default/Fallback Explosion.lua
- Size
  
  2KB
- MD5
  
  77b9768e3f3c6eb730159a7f8f802e42
- SHA1
  
  cd959a45b2e48e25be76a756df8483c0aaf61a9c
- SHA256
  
  5d8cf45d58a22028d1125aa86c2efb0c0ecd963a4f43dc35dac359c0de60ba95
- SHA512
  
  a6f37b1c676ac6fd5219e15a0c0fa64297982f399769eca149d55bd1a433654ed060f9ab8e106624c7871ace314c1df46e07b370c5ed107e910f1856c43d16db
Score

3^/10

execution
behavioral21
- Target
  
  NoteSkins/beat/default/NoteSkin.lua
- Size
  
  1KB
- MD5
  
  2127ae02e069ac6bed9a16610224a249
- SHA1
  
  50c93db9b96a5790b114c924b39621692cd86a1d
- SHA256
  
  fe086333f90d62621a52ad45959e1668b1d33ff9f967b5d60954cd34a94cfb4a
- SHA512
  
  9e86ed452d61f12346c0e02b17b2709164114a7bdb80a76d8670bbb6dcca0be18fcc7307847bf630d4550c2b0ffbad195d00be7fd7bbf3e607a6687422178318
Score

3^/10

execution
behavioral22
- Target
  
  NoteSkins/common/_Editor/NoteSkin.lua
- Size
  
  9KB
- MD5
  
  8dcb936a64041d737a63ccbf1c006280
- SHA1
  
  e00c76ba4baeb46a708f365859f647c54c1e1c26
- SHA256
  
  78b5e75d61974aa4fe2415f830f685c69072a0a33e0791fc8c928834df2b73f2
- SHA512
  
  e12ce4180912d3526c3eb46f45669ba2df37db201b5f8ffd9fd625ea78a518f06a24b0dacb90d9e9f1db8b15c142ae563891ea0c629bdce1939916268ecc29bc
- SSDEEP
  
  192:4VzOfMGHkGjeThxmdCmIj0mBCm+SVOHqEoae87D:6GHp2cejJ4SVOHqEoU
Score

3^/10

execution
behavioral23
- Target
  
  NoteSkins/common/common/NoteSkin.lua
- Size
  
  1KB
- MD5
  
  573a405437658cfdbe8e83c52616abf8
- SHA1
  
  3967423067da362bb1fe266843c76e73d2122125
- SHA256
  
  693fe3c8159a0fdbb75c9f209f0c71ecb88274bc4492387061b34d621c6ab5c2
- SHA512
  
  c1e824b4197bad60df65656f759197b721e9cbf65c7e07707db15af4fc6f6207aeb96334d04250f7addc2756a5e5eb62d66459ce78f0035605a2b742abbf1865
Score

3^/10

execution
behavioral24
- Target
  
  NoteSkins/dance/Delta/NoteSkin.lua
- Size
  
  1KB
- MD5
  
  20c3c4c72f7a50f37416604c8214d225
- SHA1
  
  6d0b96b3120d61513e922ef8c25ab667a46276e2
- SHA256
  
  5140bb093e1b24a63c96ea9f7913e10b282c20f285725474c06758456704c223
- SHA512
  
  58eb845b83cb8bc33c02e9a635f597f3581935fd468a57270b667eae812e33c12ebd35a5bdd65763670075c5fec4adf52d48b74ea87e0b5c2b8f9aba998930a5
Score

3^/10

execution
behavioral25
- Target
  
  NoteSkins/dance/easyV2/NoteSkin.lua
- Size
  
  3KB
- MD5
  
  59254b20587034a3493a40e119c426c8
- SHA1
  
  6bff11e953a641c439625a3dc1ce1158604ece77
- SHA256
  
  74b737f0fbda2fa648ce6bfc563fdb81ed666df10dd9d35cf1f40b1c61d92e98
- SHA512
  
  fd1c6b0b63f40abaa86d13cdfb1f7705dde12a1d71d4b189e6abefe102b128868829c49ad1098c2cefb318c510235e7a41a13e9e4d4d220efd3ee545299be6a3
Score

3^/10

execution
behavioral26
- Target
  
  NoteSkins/dance/exactV2/NoteSkin.lua
- Size
  
  3KB
- MD5
  
  59254b20587034a3493a40e119c426c8
- SHA1
  
  6bff11e953a641c439625a3dc1ce1158604ece77
- SHA256
  
  74b737f0fbda2fa648ce6bfc563fdb81ed666df10dd9d35cf1f40b1c61d92e98
- SHA512
  
  fd1c6b0b63f40abaa86d13cdfb1f7705dde12a1d71d4b189e6abefe102b128868829c49ad1098c2cefb318c510235e7a41a13e9e4d4d220efd3ee545299be6a3
Score

3^/10

execution
behavioral27
- Target
  
  NoteSkins/dance/midi-note-3d/NoteSkin.lua
- Size
  
  2KB
- MD5
  
  146afe4a88bd2c68f9f7eb8f3d3f7fac
- SHA1
  
  fe9eb57d1a7da3add346116192719c6db7208502
- SHA256
  
  06d41988dc4262d3eb6af3af45355b0b2f06ec2b48a4aabc5ff7a5d4390d932d
- SHA512
  
  43355ac39fcfa019f17bc28ddcd5cd3c9893993080c39e98c60c489aa46c72524b2726b36a511846c76f08bce2a3f753b92440ff7698eea913e1066750726734
Score

3^/10

execution
behavioral28
- Target
  
  NoteSkins/dance/midi-note/NoteSkin.lua
- Size
  
  2KB
- MD5
  
  dc46f0504b2f0977141406582ac13995
- SHA1
  
  9a2635b56f101f3c4427b8d93e553d6676ac9bb8
- SHA256
  
  0c35d6a26643d632845ae2fca8d67397eb3fea9c260b5c2e0b6ab090dc7956db
- SHA512
  
  000a47c0e781ef26406e627d37ca209b011e156b63656ab6a4a2c03001456d1c2166c08fe9cd95d4cf68b10070be12db99f055116f7105ce70d1aa0ed6d53406
Score

3^/10

execution
behavioral29
- Target
  
  NoteSkins/dance/midi-solo/Down Tap Note.lua
- Size
  
  222B
- MD5
  
  4957e922e9788f3cb5b2ac872f02d161
- SHA1
  
  49c19b58652de1bec90480ba2fc9e9aae7d3a892
- SHA256
  
  e6d58c9ebfd5b05ec4b7018be389571b2bd22e091506d88f9c16664732627bb1
- SHA512
  
  676ae61e286f77199f5c36e42acd2bba782e9691954efafce3a38ef440c36723212cfca6b0417f2d148cc523973ac829f758a203ca8ac90953807b5648c69b74
Score

3^/10

execution
behavioral30
- Target
  
  NoteSkins/dance/retro/NoteSkin.lua
- Size
  
  2KB
- MD5
  
  b38cab2bbe1d78caf28df1fdccce7ece
- SHA1
  
  6395ee1fbab9db2ae2a3e83cc8e3db1a5e0314ed
- SHA256
  
  9e4861c5c0ffb69bfecc3ccf7f9bb580f23e9a7af0f31f180f8361aa54af492e
- SHA512
  
  b9e711a8a4defa6f76821b945ee53c5d7977063570efce78179b9bdb796f2fd6ddbf954ed9d1998073ca648ee747cd92f8ecf895990025d7df967336ef8a79ad
Score

3^/10

execution
behavioral31
- Target
  
  NoteSkins/kb7/default/NoteSkin.lua
- Size
  
  2KB
- MD5
  
  b7933bb04e6f6eb446225f7a34f35fce
- SHA1
  
  832264b5f8631fa63cdad02b30c1caf05993f29d
- SHA256
  
  af5db71e3117a2d34aba30cbad1bd6d88e985f36c752cf9776fb8f648fd26874
- SHA512
  
  ae6e31a020c44b22011773d975b439d8200d71bda7f9dde6e787c7a613dad71ebc7fbf6a203027ee65f111451cf0697be34848d19d8c53c7c1816568e6f7e3e4
Score

3^/10

execution
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

File and Directory Permissions Modification

T1222

Windows File and Directory Permissions Modification

T1222.001

Hide Artifacts

T1564

Hidden Files and Directories

T1564.001

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Web Service

T1102

Exfiltration

Impact

Defacement

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Drops startup file

Executes dropped EXE

Loads dropped DLL

Modifies file permissions

Reads user/profile data of web browsers

Adds Run key to start application

File and Directory Permissions Modification: Windows File and Directory Permissions Modification

Legitimate hosting services abused for malware hosting/C2

Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32