Extracted

Extracted

• • Target

    cbc6280492f750af1c309663b8ac7936_JaffaCakes118

  • Size

    5.9MB

  • MD5

    cbc6280492f750af1c309663b8ac7936

  • SHA1

    313759fef5f703edc280862943a2e66215c08746

  • SHA256

    a1a775943e8efc9b499bb1d80ba452e99bd31761f11a1778226ab6bed57fed28

  • SHA512

    c37fbd4a7eaf0f3bf732d8cd5867a87014cd2c38bac60a3b75c7d4f62a69d9bd6fa2ae822291f0e72b1191af311e4e0f0df6fbe947a0608caa2dcaa7ce335c77

  • SSDEEP

    98304:SqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2g3AfMYycZ:SqPe1Cxcxk3ZAEUadzR8yc4gQbZ

  Score

  10^/10

  wannacrydefense_evasiondiscoveryexecutionimpactpersistenceransomwarespywarestealerworm

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Modifies file permissions

    discovery

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    defense_evasion

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1behavioral2