Wannacry: Detailed analysis (part 3 of 3)

​Ransomware itself typical The actual ransomware component itself is not all that remarkable, it does what ransomware does, encrypts a widerange of files and demands ransom, to be paid in bitcoins in a most insistent way. Here is a list of some of the files it encrypts. Expect more of the same to come What […]

Wannacry : Detailed analysis ( part 2 of 3 ) 

​Unpacking the PE file from the launcher If we unpack the PE file manually, it shows several layers. Any tool that dumps the resource (.rsrc) section of a PE file can be used. The file “R-1381” is the embedded PE file in the launcher. Running “R-1381” against the .rsrc dumper, we can see that it […]

Huge Cyberattack Hits Nearly 100 Countries With ‘Wanna Decryptor’ Malware

Hospitals, schools, companies and governments around the world were assessing the damage Saturday after a massive cyberattack hit almost 100 countries, infecting computers with malware that demanded ransom payments. No one has yet claimed the worldwide attack, which experts believe used tools stolen from the National Security Agency.Antivirus providerAvast reportedthat some 100,000 computers had been […]