Extracted

• • Target

    iloveu.bat

  • Size

    407B

  • MD5

    a9939aeb66d847e99abd1e90fa338fb5

  • SHA1

    f96a93e367aad3cbc0ce6477c8dcef3a8bf6b33d

  • SHA256

    f9f37002a708c8f1c1fd97fa4c60f983eeaa64c455b0674a361a88864fd13637

  • SHA512

    6c06bc121f73af3dafa708da63fb1a6d59b32df472a5b42ccf999d07790083f3e7765c1b00d9966f318cd52cf2d3074fdcff98353102bded2593e68c4de5c310

  Score

  10^/10

  wannacrydefense_evasiondiscoveryexecutionimpactpersistenceransomwareworm

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Modifies file permissions

    discovery

  • Adds Run key to start application

    persistence

  • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    defense_evasion

  • Legitimate hosting services abused for malware hosting/C2

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1