General
-
Target
Google.te
-
Size
260B
-
Sample
240815-vr3y5stbqe
-
MD5
e26b2d7abcb2c951f8034899c79b0fd2
-
SHA1
947e5a6cc19e7c53cc440b9c918f17a1379aa9ee
-
SHA256
c891725703bfe4513e7c07f0dba190d6671cce8eb6f54c9920698d436d454b66
-
SHA512
b4aafcb590741bee50fb2fe10444670bcf0dbba31a9180b4c326123b90045935d9f14c372d3af0f3d541d0afa16ac085a132903ae8e164e76d621789ae1f00bf
Static task
static1
Behavioral task
behavioral1
Sample
Google.te
Resource
win7-20240704-en
Malware Config
Extracted
C:\Users\Admin\Documents\@[email protected]
wannacry
115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn
Targets
-
-
Target
Google.te
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Modifies file permissions
-
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
-
Legitimate hosting services abused for malware hosting/C2
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Direct Volume Access (1)
File and Directory Permissions Modification (2)
Windows File and Directory Permissions Modification (1)
Hide Artifacts (1)
Hidden Files and Directories (1)
Indicator Removal (2)
File Deletion (2)
Modify Registry (1)