Overview

overview

10

Static

static

3

3688bca6ac...c8.exe

windows7-x64

10

3688bca6ac...c8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3688bca6ac228cb3e94eea3d1072f3c8.bin

  • Size

    260KB

  • Sample

    240728-bqdhbazcrj

  • MD5

    3688bca6ac228cb3e94eea3d1072f3c8

  • SHA1

    90061947bb5dae294351a3e7c2fd44d4a8266493

  • SHA256

    a825134682bf664ec94c05d713f163e8b0f15dde1153ee0bde014dd85e81bf83

  • SHA512

    7c26c8d0bade86e1229fbac4ebcd8419f23e68c8a552e3e1c314a620cae654bd502c15f81c6ba4d50aa9a6d08b9bf61fca2ee5518cfb5f91dcada31c77c14b5d

  • SSDEEP

    3072:+mrhd5U1eigWcR+uiUg6p4FLlG4tlL8z+mmCeHFZjoHEo30GCH:+Ed5+IZiZhLlG4AimmC7

Score
10/10
wannacryaspackv2discoveryransomwareworm

Malware Config

Targets

    • Target

      3688bca6ac228cb3e94eea3d1072f3c8.bin

    • Size

      260KB

    • MD5

      3688bca6ac228cb3e94eea3d1072f3c8

    • SHA1

      90061947bb5dae294351a3e7c2fd44d4a8266493

    • SHA256

      a825134682bf664ec94c05d713f163e8b0f15dde1153ee0bde014dd85e81bf83

    • SHA512

      7c26c8d0bade86e1229fbac4ebcd8419f23e68c8a552e3e1c314a620cae654bd502c15f81c6ba4d50aa9a6d08b9bf61fca2ee5518cfb5f91dcada31c77c14b5d

    • SSDEEP

      3072:+mrhd5U1eigWcR+uiUg6p4FLlG4tlL8z+mmCeHFZjoHEo30GCH:+Ed5+IZiZhLlG4AimmC7

    Score
    10/10
    wannacryaspackv2discoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks