Extracted

• • Target

    download (3).png

  • Size

    2KB

  • MD5

    8e3eccb3f88e46f4aa1605a462a9da7b

  • SHA1

    5e18054a1090ebd04cf029db4c6d08b2bf50ca09

  • SHA256

    3569af7e0af03514cc35cde5efa2e5fbd33c5494f3fa63b201c601c7e5b8656a

  • SHA512

    9ce17b8cd5378889fac7fc3b208915233ac7260d7c510bd4c247d7a9940e50e508755c4f0c6bdd7c8ec010c391447db20d70c3dcddb939f76d6b0b1446c9059a

  Score

  10^/10

  wannacrydefense_evasiondiscoveryexecutionimpactpersistenceransomwareworm

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Modifies file permissions

    discovery

  • Adds Run key to start application

    persistence

  • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    defense_evasion

  • Legitimate hosting services abused for malware hosting/C2

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1