Extracted

• • Target

    101010.exe

  • Size

    4.0MB

  • MD5

    fc4c304471cd3c83b853cbaef89f8262

  • SHA1

    af06acb7b9f9ea211ac2a09cf2d68f2080365486

  • SHA256

    c0c05056daaef49caf758aa9c998dbbf1172710da98123ad81cb40cd5c4bffcd

  • SHA512

    fc7de735286d2bc3c7e2200f64afd158d6b8b33e3b69248d6c8d6f3142db9034a4131dd84be0b3101af1a008c22b6c17d5f1ef8dffcf5e1e67baf4aedcf83b38

  • SSDEEP

    98304:bqwmeNcoyzZFBks3UFSuof/iXuNNeDiiPW2jbYVFz:bqwmeNbyl3k0USuof/ieLie22Fz

  Score

  10^/10

  wannacrydefense_evasiondiscoveryexecutionimpactpersistenceransomwarespywarestealerworm

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry

  • Wannacry family

    wannacry

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Modifies file permissions

    discovery

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    defense_evasion

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1