wannacry | da8e52d81e4475ba9da841ae1d0b4cea23cf4c0dfe39bf102187e657f51aa02c | Triage

Submit
Reports

Overview

overview

Static

static

da8e52d81e...2c.dll

windows7_x64

da8e52d81e...2c.dll

windows10_x64

Sharing

General

Target

da8e52d81e4475ba9da841ae1d0b4cea23cf4c0dfe39bf102187e657f51aa02c
Size

5.0MB
Sample

210515-4hz2325rba
MD5

b7aaeb286309a92f575247014054dc9a
SHA1

5420861f432a03c2371cd2d38dfa7b311dc4b4b8
SHA256

da8e52d81e4475ba9da841ae1d0b4cea23cf4c0dfe39bf102187e657f51aa02c
SHA512

e4cfe25feb734f93b1c861ad8ae384f04d19773e4c7a081b82150b4d532ebc52c68516c6f8d6281ac32ae61b0f1689b204c541db965158fc7c1a0adf27d5cd0c

Score

10^/10

wannacry evasion ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

da8e52d81e4475ba9da841ae1d0b4cea23cf4c0dfe39bf102187e657f51aa02c.dll

Resource

win7v20210410

wannacry ransomware worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

da8e52d81e4475ba9da841ae1d0b4cea23cf4c0dfe39bf102187e657f51aa02c.dll

Resource

win10v20210408

wannacry evasion ransomware worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  da8e52d81e4475ba9da841ae1d0b4cea23cf4c0dfe39bf102187e657f51aa02c
- Size
  
  5.0MB
- MD5
  
  b7aaeb286309a92f575247014054dc9a
- SHA1
  
  5420861f432a03c2371cd2d38dfa7b311dc4b4b8
- SHA256
  
  da8e52d81e4475ba9da841ae1d0b4cea23cf4c0dfe39bf102187e657f51aa02c
- SHA512
  
  e4cfe25feb734f93b1c861ad8ae384f04d19773e4c7a081b82150b4d532ebc52c68516c6f8d6281ac32ae61b0f1689b204c541db965158fc7c1a0adf27d5cd0c
Score

10^/10

wannacry ransomware worm evasion
- Modifies firewall policy service
  evasion
- Suspicious use of NtCreateProcessExOtherParentProcess
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

wannacryransomwareworm

behavioral2

wannacryevasionransomwareworm

© 2018-2024

Terms | Privacy