Extracted

• • Target

    main.go

  • Size

    5KB

  • MD5

    3cc0d416c4ce3235ce06580ddcddcd22

  • SHA1

    6f63166d2fb6855149aa7bf16706ed9c6580b28a

  • SHA256

    deee2ea8dbf5abd5e3ed3bf22b9a06a0a1e3b127e24f0c7cf7177bf160e45a7e

  • SHA512

    0d1819acf9ad338db114930d99c69506a01388b5c2bed25217307671e45224427458f96b40d940f0fc91e62694e00201ac2f8e6f6d90d0ca6ba92dc81e98fe23

  • SSDEEP

    96:C58jbrWRqQk5f5ihdMhMO015lgVY/Wa8pgYWWp/Q:sSDihXDM8WO

  Score

  10^/10

  wannacrydefense_evasiondiscoveryexecutionimpactpersistenceransomwarespywarestealerworm

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution

  • Downloads MZ/PE file

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Modifies file permissions

    discovery

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    defense_evasion

  • Legitimate hosting services abused for malware hosting/C2

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1