Extracted

• • Target

    shitting slander.mp4

  • Size

    6.6MB

  • MD5

    828c056e04acd9a83e57815943314c4e

  • SHA1

    c5a76db7258b6489702613d8a44487c9a2e66780

  • SHA256

    0051fa06a995e0daaa5d8d3a6aded51a32975cc3b2e5f38b5a45c3847501958e

  • SHA512

    e86ff8a95cd743fd3d5d9c13f0f46ea7828b1e871dfed8823d91ba82b84c774ed1ad37ef2a844cc3dfd3b7b3e4911ce69731d3b3d4947ad37fde5140877cf523

  • SSDEEP

    196608:YstmfvCUlMA+srvnQmtoOBTWcReW4fm11JqzgCkVL2:ayU1+0nQmtXWc0W4fm1H4gCk92

  Score

  10^/10

  wannacrydefense_evasiondiscoveryexecutionimpactpersistenceransomwarespywarestealerworm

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Modifies file permissions

    discovery

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    defense_evasion

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1