wannacry

Sharing

Copy URL

Twitter E-mail

General

Target

release.zip
Size

12.1MB
Sample

240807-2y7dgazapg
MD5

dd015db5a3673778047bbfc2adcf9c17
SHA1

8cd77507c03f7a4ac9d8fb5d01d0004f338e33cb
SHA256

faca9623e7841c5634c17b56fa17d50a3c86eb9d2302b418563e3d26601343d3
SHA512

f4f8f5d357162351b687931895f77393d6e59a96b9338d7fd9d834edcec780d46675e40c4363f747a7a63247445ae4a48663e332f605f80dadf4f6cc50bcf29a
SSDEEP

393216:sJoSVkczsjcza+2rQAI9vNiVTPCnLgfoSkN:siIFa+Z9vNiVTPqLgfoPN

Score

10^/10

Malware Config

Extracted

Path

C:\Users\Admin\Downloads\@[email protected]

Family

wannacry

Ransom Note

Q: What's wrong with my files? A: Ooops, your important files are encrypted. It means you will not be able to access them anymore until they are decrypted. If you follow our instructions, we guarantee that you can decrypt all your files quickly and safely! Let's start decrypting! Q: What do I do? A: First, you need to pay service fees for the decryption. Please send $300 worth of bitcoin to this bitcoin address: 13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94 Next, please find an application file named "@[email protected]". It is the decrypt software. Run and follow the instructions! (You may need to disable your antivirus for a while.) Q: How can I trust? A: Don't worry about decryption. We will decrypt your files surely because nobody will trust us if we cheat users. * If you need our assistance, send a message by clicking <Contact Us> on the decryptor window. �

Wallets

13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

Targets

- Target
  
  _five-nuker-contents-dir/api-ms-win-core-string-l1-1-0.dll
- Size
  
  14KB
- MD5
  
  55dd5d552a9c827c7292aa17f3a14c5d
- SHA1
  
  369d81577e811ef8c0a61b47ef32ffc02aa2185c
- SHA256
  
  909f4badb60ff1951243f334cb7410318c4772833d3a996dbda07968cd7e36f4
- SHA512
  
  fd60feb5538158563f8f2f6b8d37c76c967e052c90b1bd7adfa766c4057fede46f27dc43c5c4c6b97fc2cfc1ed774995331ee4729c19c0d7d7d474551d33c5f9
- SSDEEP
  
  384:uyMvQW2hWXZSf+VIYi+vnCAM+o/8E9VF0Ny2r1x:uyMv07/Yi+PCAMxkEav
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1
- Target
  
  _five-nuker-contents-dir/api-ms-win-core-synch-l1-1-0.dll
- Size
  
  16KB
- MD5
  
  48ecbb112f1f1a8e74a18ea760478ceb
- SHA1
  
  b39bf955a5988abc26b04f5987b642caab781bff
- SHA256
  
  46b06d95648802953ab4cf26aea89ea52bf2085c2d4f44381cf36d053fef44ca
- SHA512
  
  90d16242754780009645677d419a41050bf67d5c75a76ae1792a36dfe2357ac413c2a2281dddb2cd7dc110865082c7dc4f81035785f469730f45720dcedcf8f4
- SSDEEP
  
  384:Idv3V0dfpkXc0vVaOW2hWlZZSf+VIYi+veAM+o/8E9VF0NygM:Idv3VqpkXc0vVam2o/Yi+mAMxkEd
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral2
- Target
  
  _five-nuker-contents-dir/api-ms-win-core-synch-l1-2-0.dll
- Size
  
  15KB
- MD5
  
  ec18057e36a1ea2110fde721d0000a2e
- SHA1
  
  d27ea8ff2b9f5ee8ac2416cf4839d4959e21e561
- SHA256
  
  a73fcc7844d724ede85d24b150c491a07c7c4d2556909ea624a6ab853368312e
- SHA512
  
  3c3c1612fab05ea2536e7c209dfc1f6c74dd13fd00f0e6cea9d777a8a6754d435a3c1a0a3038a58fe6eb8dc05fd8c92b6101559ae78947f204837cf1718d466b
- SSDEEP
  
  384:ftZ3zW2hWCZSf+VIYi+vKHeAM+o/8E9VF0NymK:pc/Yi+CHeAMxkEf
Score

1^/10
behavioral3
- Target
  
  _five-nuker-contents-dir/api-ms-win-core-sysinfo-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  e643a7b09cd971f55bed6e637dc26943
- SHA1
  
  fa6108adfe4db69c00667e21d8a5c41d38f4a6c1
- SHA256
  
  8762076d34c827b10ee7b865e0691fab2cd474b3489863ff4c3de19160df00cd
- SHA512
  
  facb9202587c41c11a62de603a207b0f32adf4703b66e4465ef278f85b72028362711fadb847ef3fcfab082002a4755b59ac41fc14414b59fb1842ae42f74547
- SSDEEP
  
  384:Ik+W2hWVZSf+VIYi+vPAM+o/8E9VF0NyT5xq:IkWV/Yi+nAMxkE8
Score

1^/10
behavioral4
- Target
  
  _five-nuker-contents-dir/api-ms-win-core-timezone-l1-1-0.dll
- Size
  
  14KB
- MD5
  
  683d6579333e3973206b54af6be2c5ea
- SHA1
  
  e9aebf6246633ead1750acbfaae4fdd6f767bec9
- SHA256
  
  c446925083f68506717f84e9303d1ac9394bd32c1d98087784499f103617f1d2
- SHA512
  
  858f87f00a28cf66215298673bbb8b4ef24ef7a160b932dfed421d4c5d78f469aea0c712d97cf154a264425137a25651d230a4137e1c6bdd4992096acf8370c7
- SSDEEP
  
  384:+W2hWdpZSf+VIYi+vlnU+3CAM+o/8E9VF0NyqWh:W7/Yi+tz3CAMxkEr
Score

1^/10
behavioral5
- Target
  
  _five-nuker-contents-dir/api-ms-win-core-util-l1-1-0.dll
- Size
  
  14KB
- MD5
  
  ce7dd30935c79f2bbde1e8c605c281d0
- SHA1
  
  089b003848f210f0ed7ff558bc725fee6bf8150b
- SHA256
  
  977313dbcaa38a2901fb9c0ac718713f6dc66c6218a8d4bf458b71e7df4af642
- SHA512
  
  06a8e9491476b82a0cb6142fa3ff503ff0fbcb452d515519a4216046d618ab92322c43c5a90b67d26db084e5be343be5fee31bc4ab1cd2a94a565e0f43d363b3
- SSDEEP
  
  384:3W2hWzZSf+VIYi+vuAM+o/8E9VF0NyIvz:Jb/Yi+2AMxkE6r
Score

1^/10
behavioral6
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-conio-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  e87662932bc0eb99119942e4feaa08be
- SHA1
  
  7a3a650b2c24c78cb5f0da4dce0bb45c2b8cd87c
- SHA256
  
  5703046dbfc442cb51c57aef87ca7aaa369fdc00330eff4adb38487b852fd942
- SHA512
  
  2bcfb997c62ee2682e4e408ec595469429b5ff4014b21e1ae449c16389f51f541fb89023725e380dfd666c3699f92fbdc8fb26ca008afe6f7a273dc290d02c1b
- SSDEEP
  
  384:ILW2hWyZSf+VIYi+vQAM+o/8E9VF0Ny2G3:Kg/Yi+oAMxkEr
Score

1^/10
behavioral7
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-convert-l1-1-0.dll
- Size
  
  18KB
- MD5
  
  5e894a4343bcc09841f1662d2522facd
- SHA1
  
  d3b430d5ed62fa3010a3162214f7549f2201ebad
- SHA256
  
  cbb046f5f515d5125939d44064041cda41fc0cd50a2c40aad339b62bc9e825b7
- SHA512
  
  12f2ba06901463dfe29bb6727c49c54877a421a7ee194278d7eded3178ebbff8364c61232c0e7dc2ccf5672746da55a65a629a011207535794a37e4700f1626f
- SSDEEP
  
  384:kDynW2hW5aZSf+VIYi+vrCAM+o/8E9VF0NyExpE:x4h/Yi+TCAMxkE3
Score

1^/10
behavioral8
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-environment-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  c358acc0123ff20d91d029ed1ea3e7da
- SHA1
  
  9435883c17f19f2ca6a220fc88216ebf9ca68d97
- SHA256
  
  15216a0df598e1576998480e652a4a2188b8c6b01e55cc32e2abc06a50ced37b
- SHA512
  
  8b7d275eb954f0e990fe639f2adab6e2eeb701ea409f5fdf621f8c3818d2e8a2e7cc3eaa619fcec8bb276828b177aba31ba449b0781d6fed2597ceadd9dc0336
- SSDEEP
  
  384:jW2hWCZSf+VIYi+vgXAM+o/8E9VF0NySmt:lE/Yi+MAMxkEj
Score

1^/10
behavioral9
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-filesystem-l1-1-0.dll
- Size
  
  16KB
- MD5
  
  4c1a59a3effe3d39045c2536a686f96b
- SHA1
  
  7209e1cd70421df2015c92fc438848c71e29c116
- SHA256
  
  c3d0afba3b4fb2398dee617d79e07284df6fe6fd916a3fb12f99c1e81e815abd
- SHA512
  
  17af0aba042d1c0082bc73e4ae1d62db841c7cc205ea46878c3ff82a50a5db9ff81c913bc5d245857be1546ee74678baa9d5f53989c32cd6a1bcc395a8b08fae
- SSDEEP
  
  384:c481nWm5C0W2hW7ZSf+VIYi+vCqAM+o/8E9VF0Nymob:rOnWm5Coj/Yi+FAMxkEbb
Score

5^/10

discovery
- Drops file in System32 directory
behavioral10
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-heap-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  237c7a8c968875791205980c96b58d96
- SHA1
  
  285ca656d01f6eac1216253ad78d77aff4fa4364
- SHA256
  
  4ef233a2f2a4312652a2d7ac2cb70d4a3435efd75b97e30df651c717e471fca1
- SHA512
  
  7c3164a26b6cff37793738f50e71477b8a396ca3776935612b98a56a19a958288421bf6bde036e662e470e50aa509b781b6a5ca8202eed307c136767eb6c9f17
- SSDEEP
  
  384:TfW2hWSPZSf+VIYi+vpoEAM+o/8E9VF0Ny6JT:TBJu/Yi+hrAMxkEW
Score

10^/10

wannacry defense_evasion discovery execution impact persistence ransomware spyware stealer worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware defense_evasion impact execution
- Drops startup file
- Modifies file permissions
  discovery
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Downloads MZ/PE file
- File and Directory Permissions Modification: Windows File and Directory Permissions Modification
  defense_evasion
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
- Sets desktop wallpaper using registry
  ransomware
behavioral11
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-locale-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  41dec36a6db70ae243fce02cd21597a3
- SHA1
  
  bdb8c8267d3369e9c3cae42dfa0cb110619f9ff1
- SHA256
  
  182a504cbbc6aaa7638c976664003ff41cd4ffb0fa8593691318897d73b2fefa
- SHA512
  
  a8dd8d22fd866c4c728ce9877108aa8e8c4bbda991ba6fd3d72fc0f4b629360fe6253521017b3597973a46c6a7094d612ae2aba101b4727fec475b5b580c9119
- SSDEEP
  
  384:Q9kW2hW/ZSf+VIYi+vJMAM+o/8E9VF0NyMv6T:ZX/Yi+OAMxkEJ
Score

3^/10

discovery
behavioral12
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-math-l1-1-0.dll
- Size
  
  23KB
- MD5
  
  6b11cc11692e9729d1511d7c9fc64cff
- SHA1
  
  a6e458894200d979f66cbcd5b783fbec7456c5d1
- SHA256
  
  e27f7dc70130d78bd1ca5b806220f8380b7da6e1756c52f91b3842459c1ebe8c
- SHA512
  
  f33340ac624c4f097aa9de9e0abc9e35dd810ba41354e15c4b228f399a2aff5a3e9f156550eb7d9d460f323211f9937ae27cf4fa33831412146258eb1f7877a4
- SSDEEP
  
  384:mZVacWM4Oe59Ckb1hgmLtW2hWSZSf+VIYi+vmAM+o/8E9VF0Nyjx:mZVJWMq59Bb1jbc/Yi+eAMxkET
Score

1^/10
behavioral13
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-process-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  d4df2c92611140db3701e61edf704c15
- SHA1
  
  731d0b79f7fb3c8293508ae17a766683b2a4f0f7
- SHA256
  
  0d5f9a2f863ba485ccc4f0d5fa7da343587fd35813536be0cf29b577ba1bb0f4
- SHA512
  
  a86b54259bfca44ab6246e1a66e9caba330d4f7a8af7689fecb1b7225fae3f3228231c19988311e478c7e390ac441acbdff7f92bd0d7e4eba1d909befc4f2c93
- SSDEEP
  
  384:xitIDW2hW/ZSf+VIYi+vXSYAM+o/8E9VF0NyY7G:ImD/Yi+PSYAMxkEn
Score

1^/10
behavioral14
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-runtime-l1-1-0.dll
- Size
  
  19KB
- MD5
  
  f57a0c18b864fae7f1e2631798ca4311
- SHA1
  
  7a01990c0a1c11a004543baa567b82b63500a49e
- SHA256
  
  c38a3289228f0eca6cd77798bd709ed26099135b3e82b5c58614eb3cb93aae2c
- SHA512
  
  2fb2df999a650cd18aee5a1e848f934bf0205e33cfc9c282fb01f2c7897496f4dedf0374cd04417fa3e2d67ea4aa79fb77e3d961a0cec493f56ef6a8a2ea6bb3
- SSDEEP
  
  384:O42r7eW2hWyDZSf+VIYi+vsAM+o/8E9VF0NyiS:O42r72va/Yi+UAMxkEv
Score

1^/10
behavioral15
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-stdio-l1-1-0.dll
- Size
  
  20KB
- MD5
  
  c7d6b14be37db42014dda1b5cf8f5341
- SHA1
  
  4a3e111de7c253fd8b382a69a65eebf06f9e150c
- SHA256
  
  7534225bd6548aeb0842cd375122d8d7b8bc220aa08aaf6498d18d27f2172658
- SHA512
  
  353be90d0738e7b5dd6debca6ef72ebaaece52936455592a0fbdada391f5954c5dd6b09a6b3222290dae775ee6406582f76e717197a349f52db90bbf79b61c74
- SSDEEP
  
  384:V3vAmiFVhEW2hWaQMZSf+VIYi+vGiFFMAM+o/8E9VF0Nyi+:1vYWLQr/Yi+ui/MAMxkEj
Score

1^/10
behavioral16
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-string-l1-1-0.dll
- Size
  
  20KB
- MD5
  
  066b8ae3291b12e3715a46e99a30a903
- SHA1
  
  5bae72757ae641890ec5a03ef56c58a5cd578e00
- SHA256
  
  009547aced2432727bab7da88b9a9bb052f7f818eb447dc10c0ca97d22478562
- SHA512
  
  814c92bd93ec43a2e1c9b3ddf33dcea6915f9e690c4d2e17375519606dd854dc25b5e0aece10b21c53b422791d69fb3c3fd52487400c015e558a71340cf88258
- SSDEEP
  
  384:q7x0C5yguNvZ5VQgx3SbwA7yMVIkFGlHW2hWoIZSf+VIYi+vynAM+o/8E9VF0Nyg:85yguNvZ5VQgx3SbwA71IkFC9v/Yi+8k
Score

1^/10
behavioral17
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-time-l1-1-0.dll
- Size
  
  17KB
- MD5
  
  6f1bc6ef8fe550cf6c052673c738f79e
- SHA1
  
  adae680e3e78654e573269a7c2201a3c8478cefc
- SHA256
  
  ea76f832cc3261b5e08f45e0c0a490d759cac34bd978c3f98dd10b5fdb1e20fc
- SHA512
  
  7894465f075d109be4017f4aff0fdcf588a47972fe4b424aa771719a042d917c2a740d1fcfe0e3e2264a567a26acd2621423a6dedd4294f9ffd0de17e02613cf
- SSDEEP
  
  384:sPEzgW2hWJZSf+VIYi+v4AM+o/8E9VF0NyHTSMW:S0Ed/Yi+wAMxkEG
Score

1^/10
behavioral18
- Target
  
  _five-nuker-contents-dir/api-ms-win-crt-utility-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  43d972a6a7131065b78be5f456dbdb08
- SHA1
  
  304c4cca6550dc025b0f34251c880764d6710bad
- SHA256
  
  1252803f848819abb848c8d30af162ce55d405a265cd94bcbfb974a6e866c1de
- SHA512
  
  90b73a5d2aa9d7a7d93f72327f4001942ec8fd949a66c232dfc7ace7dd5eca13aac6a29a32603473be9a71930a22d7d2935fb4447c1eaffe81218c2dd1d8fd28
- SSDEEP
  
  384:jBfKW2hWkZSf+VIYi+vuAM+o/8E9VF0NyYv5s:FfSq/Yi+2AMxkEu6
Score

1^/10
behavioral19
- Target
  
  _five-nuker-contents-dir/charset_normalizer/md.cp312-win_amd64.pyd
- Size
  
  10KB
- MD5
  
  d9e0217a89d9b9d1d778f7e197e0c191
- SHA1
  
  ec692661fcc0b89e0c3bde1773a6168d285b4f0d
- SHA256
  
  ecf12e2c0a00c0ed4e2343ea956d78eed55e5a36ba49773633b2dfe7b04335c0
- SHA512
  
  3b788ac88c1f2d682c1721c61d223a529697c7e43280686b914467b3b39e7d6debaff4c0e2f42e9dddb28b522f37cb5a3011e91c66d911609c63509f9228133d
- SSDEEP
  
  96:KGUmje72HzA5iJGhU2Y0hQMsQJCUCLsZEA4elh3XQMtCFXiHBpv9cX6gTim1qeSC:rjQ2HzzU2bRYoe1HH9cqgTimoe
Score

1^/10
behavioral20 behavioral21
- Target
  
  _five-nuker-contents-dir/charset_normalizer/md__mypyc.cp312-win_amd64.pyd
- Size
  
  120KB
- MD5
  
  bf9a9da1cf3c98346002648c3eae6dcf
- SHA1
  
  db16c09fdc1722631a7a9c465bfe173d94eb5d8b
- SHA256
  
  4107b1d6f11d842074a9f21323290bbe97e8eed4aa778fbc348ee09cc4fa4637
- SHA512
  
  7371407d12e632fc8fb031393838d36e6a1fe1e978ced36ff750d84e183cde6dd20f75074f4597742c9f8d6f87af12794c589d596a81b920c6c62ee2ba2e5654
- SSDEEP
  
  3072:bA3W6Fck6/g5DzNa4cMy/dzpd1dhdMdJGFEr6/vD:MW6NzcMy/d13FErgvD
Score

1^/10
behavioral22 behavioral23
- Target
  
  _five-nuker-contents-dir/frozenlist/_frozenlist.cp312-win_amd64.pyd
- Size
  
  84KB
- MD5
  
  d7193bea71087b94502c6b3a40120b04
- SHA1
  
  51aa3825a885a528356ba339f599c557e9973ec3
- SHA256
  
  886375bc6f0ff2bbd1e8280f8f1cb29c93f94b8e25b5076043cd796654c3a193
- SHA512
  
  c65cef39362a75814d40132f4f54f25f258c484dd011b12ae7051fa52865f025c960e4a3130c699b7eb1be375a3d2c3c3b733d6543338d7e40aad0488d305056
- SSDEEP
  
  1536:OwsZ607E6QFvkncm4nraT1G5YDHykXxA:o80w6QFsMWpG5YDHdXx
Score

1^/10
behavioral24 behavioral25
- Target
  
  _five-nuker-contents-dir/libcrypto-3.dll
- Size
  
  5.0MB
- MD5
  
  e547cf6d296a88f5b1c352c116df7c0c
- SHA1
  
  cafa14e0367f7c13ad140fd556f10f320a039783
- SHA256
  
  05fe080eab7fc535c51e10c1bd76a2f3e6217f9c91a25034774588881c3f99de
- SHA512
  
  9f42edf04c7af350a00fa4fdf92b8e2e6f47ab9d2d41491985b20cd0adde4f694253399f6a88f4bdd765c4f49792f25fb01e84ec03fd5d0be8bb61773d77d74d
- SSDEEP
  
  98304:n3+pefu6fSar+SJ8aqfPomg1CPwDvt3uFlDCE:3G+u6fb+SJ8aqfwmg1CPwDvt3uFlDCE
Score

1^/10
behavioral26 behavioral27
- Target
  
  _five-nuker-contents-dir/libffi-8.dll
- Size
  
  38KB
- MD5
  
  0f8e4992ca92baaf54cc0b43aaccce21
- SHA1
  
  c7300975df267b1d6adcbac0ac93fd7b1ab49bd2
- SHA256
  
  eff52743773eb550fcc6ce3efc37c85724502233b6b002a35496d828bd7b280a
- SHA512
  
  6e1b223462dc124279bfca74fd2c66fe18b368ffbca540c84e82e0f5bcbea0e10cc243975574fa95ace437b9d8b03a446ed5ee0c9b1b094147cefaf704dfe978
- SSDEEP
  
  768:NiQfxQemQJNrPN+moyijAc5YiSyvkIPxWEqG:dfxIQvPkmoyijP7SytPxF
Score

1^/10
behavioral28 behavioral29
- Target
  
  _five-nuker-contents-dir/libssl-3.dll
- Size
  
  768KB
- MD5
  
  19a2aba25456181d5fb572d88ac0e73e
- SHA1
  
  656ca8cdfc9c3a6379536e2027e93408851483db
- SHA256
  
  2e9fbcd8f7fdc13a5179533239811456554f2b3aa2fb10e1b17be0df81c79006
- SHA512
  
  df17dc8a882363a6c5a1b78ba3cf448437d1118ccc4a6275cc7681551b13c1a4e0f94e30ffb94c3530b688b62bff1c03e57c2c185a7df2bf3e5737a06e114337
- SSDEEP
  
  12288:ytPc2nnGoNg4kSHoxX09yO5EavUFe9Xb12:y9jnnpTHoxXUsFe9XbM
Score

1^/10
behavioral30 behavioral31
- Target
  
  _five-nuker-contents-dir/multidict/_multidict.cp312-win_amd64.pyd
- Size
  
  45KB
- MD5
  
  ab3685f651c7821bbf03baf1d436b617
- SHA1
  
  f6306217ecaf5fa1dc8c78260d02dd2716903316
- SHA256
  
  1ef9e6eaff88cdcc0a32346b7b266a0e1d19716ecac07f16a189a7057ce971f9
- SHA512
  
  08e4d615ce5f9c565d54a16b1f475b6ad746b5d8e7f17248d235b5acd474333036bb33671c887bb64794b56ec910af28efbb7bed8bdea2eddd4bcd81c1b1fb70
- SSDEEP
  
  768:Z/wQrRHsQieOL0Jr4X+avKbrwtbrqM1L4bHB:lwesQOL0Jr4X+avOrO4b
Score

1^/10
behavioral32