General
-
Target
241204-p8rpjswldw_pw_infected.zip
-
Size
150KB
-
Sample
241204-wgv18atmdz
-
MD5
1f058a563d0fc45c8bf17d2ecc770a83
-
SHA1
b0488b34e9cb5586e1b107548f4d73343ffe8cf5
-
SHA256
c8b985c529df83cb36fbf3f61f060e495885971e8408c315ad89621516e592f1
-
SHA512
f266c42323a60702d9b1f52dc7872980465c6ea1b5162b3b02d0616a15a157f186df8d29cc10dd8c3c7750e9fa0444619e185fad8bf97856f574616fefa784dc
-
SSDEEP
3072:bUN3Dm3iu/MSUjmxLVLtMrRYtYud7wBbhSj8pB4yA3FrE6lCWF42z:bUqi8MdjGLtMrRKpdMBepq6oK9z
Static task
static1
Behavioral task
behavioral1
Sample
ce2194c96ebab334f8484a7a3e45e2c3bb74296fc5eddd335abf3f5c65f34967.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ce2194c96ebab334f8484a7a3e45e2c3bb74296fc5eddd335abf3f5c65f34967.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
ce2194c96ebab334f8484a7a3e45e2c3bb74296fc5eddd335abf3f5c65f34967.exe
-
Size
6.4MB
-
MD5
8a016c4ee71532f20b892bb35eb954f4
-
SHA1
204c97ab720d12e6fa04cd8bea6da019c1d4317e
-
SHA256
ce2194c96ebab334f8484a7a3e45e2c3bb74296fc5eddd335abf3f5c65f34967
-
SHA512
a0ecffce2b724287e8ab01d23d95839d7e522bc27dc14be26b5089bf8704a46c176a87f02648f6ba646938217afb1b33c6e6557ff3dce528497d9b321310c9bd
-
SSDEEP
6144:YE9l9yKqIYVTH5DgSg8ajldktM0XXrV2QhMV9qb:YJbLgPluwQhMb
Score
10/10
-
Wannacry family
-
Executes dropped EXE
-
Modifies file permissions
-
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification 2
Windows File and Directory Permissions Modification 1
Hide Artifacts 1
Hidden Files and Directories 1