Resubmissions
23/02/2025, 18:46
250223-xewqeavjbx 6
General
Target: Ransomware.WannaCry.zip
Size: 251KB
Sample: 250223-xgkqxswmz6
MD5: 9cdfc79d94f21648ee1ae562e4426d28
SHA1: 766f941f22fce988add55fc2886c91c529076cf0
SHA256: 0ca4aa51f69acce87376f776aff34a470ebbbee9e281cb4919d00ad1ce1b6a49
SHA512: 1a3e5137e8b96fd0901683d933bbd24e6beb70252bb5c1f60310b1ec37e564b80e57c30a519af84e458ef2b5c16cf8351388436dd4c1acb75d4e69f74904de16
SSDEEP: 6144:KbNm1pOL/saqkPV9FH2LqgIDSsmwc9fvZJT3CqbMrhryf65NRPaCieMjAkvCJv1y:kNm1pOL/saqkPV9FH2LqgIDSsmwc9fvH
Static task: static1
Behavioral task: behavioral1
Sample: Ransomware.WannaCry.zip
Resource: win7-20240903-en
Malware Config
Extracted
C:\Users\Admin\Documents\@[email protected]
wannacry
115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn
Targets
Target: Ransomware.WannaCry.zip
Wannacry family
Deletes shadow copies
    Ransomware often targets backup files to inhibit system recovery.
Modifies file permissions
    File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Legitimate hosting services abused for malware hosting/C2
MITRE ATT&CK Enterprise v15
Defense Evasion
    Direct Volume Access (1)
    File and Directory Permissions Modification (2)
    Windows File and Directory Permissions Modification (1)
    Hide Artifacts (1)
    Hidden Files and Directories (1)
    Indicator Removal (2)
    File Deletion (2)
    Modify Registry (1)