This article is in continuation with the previous post, Some more deep investigation has been done which is reported in this article.
Sample : 593bbcc8f34047da9960b8456094c0eaf69caaf16f1626b813484207df8bd8af
The sample has all the 3 bitcoin addresses hard-coded in the malware. The reason why all the three bitcoin wallet addresses are embedded is to ensure that incase one address cannot proceed the payment the other wallet addresses will be used.
In light to the recent cyber attack of ransomware which goes by the name “WannaCry” has affected more over 99 countries. This attack is believed to use the exploit tool called “ETERNALBLUE” which was leaked from the NSA, by the hacker group called ShadowBrokers.