WanaCrypt0r-Reverse-Analysis

Record my reverse analysis of WanaCrypt0r

• Get RSA 1172 Test Private Key,use to decrypt test file
• Get RSA 276 Test Public Key,use to encrypt test file
• Get RSA 276 Master Public Key,use to encrypt User's file
• Get crypt.dll,WanaCrypt0r released an encrypted file named t.wnry,then decrypt it and load it from memory
• Draw a flow chart of tasksche.exe

More details：

https://3gstudent.github.io/%E9%80%86%E5%90%91%E5%88%86%E6%9E%90-%E4%BD%BF%E7%94%A8IDA%E5%8A%A8%E6%80%81%E8%B0%83%E8%AF%95WanaCrypt0r%E4%B8%AD%E7%9A%84tasksche.exe