Overview

overview

10

Static

static

1

hel.txt

windows10-2004-x64

10

Resubmissions

06-09-2024 19:14

240906-xxybystcpm 10

06-09-2024 19:08

240906-xtlhzstdmd 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    hel.txt

  • Size

    406B

  • Sample

    240906-xxybystcpm

  • MD5

    15da365f4f090a3e38d8329e6860ba83

  • SHA1

    093b8444b4d0bb1e91255b5cd9e875738c2ce916

  • SHA256

    2fed09c8225b81f260bc0f3ef29ca802ad881d408a7ea9b81b9fcbf15783c0ac

  • SHA512

    316daa931daeb1c60b970363d1d6269f52ff7c7e829e4c3e9e90321fc97fc0dc8278de53417765b4d3372eb8da1e6bbb33bea9e2f1f7be4b588ba5acd36811b7

Score
10/10
wannacrybootkitdefense_evasiondiscoveryevasionexecutionimpactpersistenceransomwareworm

Malware Config

Extracted

Path

C:\Users\Admin\Desktop\@[email protected]

Family

wannacry

Ransom Note
Q: What's wrong with my files? A: Ooops, your important files are encrypted. It means you will not be able to access them anymore until they are decrypted. If you follow our instructions, we guarantee that you can decrypt all your files quickly and safely! Let's start decrypting! Q: What do I do? A: First, you need to pay service fees for the decryption. Please send $300 worth of bitcoin to this bitcoin address: 13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94 Next, please find an application file named "@[email protected]". It is the decrypt software. Run and follow the instructions! (You may need to disable your antivirus for a while.) Q: How can I trust? A: Don't worry about decryption. We will decrypt your files surely because nobody will trust us if we cheat users. * If you need our assistance, send a message by clicking <Contact Us> on the decryptor window. �
Wallets

13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

Targets

MITRE ATT&CK Enterprise v15

Tasks