Extracted

• • Target

    .packettracer

  • Size

    184B

  • MD5

    23e0d6741201dbc7f307b0d05373fae3

  • SHA1

    6666df2b250e7d39d969ba0b2ca37b899c05e952

  • SHA256

    ab7271c2dd8c3f1edc3ed8f7441cad0604558a5cfa4de0a0c8bd48918b8d6b82

  • SHA512

    24bb5ef1be466be1df1c8097bb60cc0ff48767188aa476d28e951f870b2252f8a91e5eb5ea31f267597581379ec7e2a288258fc847a5b794322b27fd7a423f7d

  Score

  10^/10

  wannacrydefense_evasiondiscoveryexecutionimpactpersistenceransomwareworm

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Modifies file permissions

    discovery

  • Adds Run key to start application

    persistence

  • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    defense_evasion

  • Legitimate hosting services abused for malware hosting/C2

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1