Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    15-05-2021 02:21

General

  • Target

    54da6bc00cc2fa79d601797a8c00b23c05ba8c677980defa1020e23a6ddf0ab8.exe

  • Size

    2.2MB

  • MD5

    270714c8a9f6961da866cbf715716aa6

  • SHA1

    ffcf5228bd02207277b80f8c2b08d62ba1091c1c

  • SHA256

    54da6bc00cc2fa79d601797a8c00b23c05ba8c677980defa1020e23a6ddf0ab8

  • SHA512

    b5db1f037106cb7ab401eebe94cda83793c8c2727d34065097926ea273d2e85b21e799dc7c0344afe52909eb15c4b4f6a4af2331f77774d510f53504c203694a

Malware Config

Signatures

  • Wannacry

    WannaCry is a ransomware cryptoworm.

  • Drops file in System32 directory (7 IoCs)
  • Drops file in Windows directory (1 IoC)
  • Modifies data under HKEY_USERS (8 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\54da6bc00cc2fa79d601797a8c00b23c05ba8c677980defa1020e23a6ddf0ab8.exe
    "C:\Users\Admin\AppData\Local\Temp\54da6bc00cc2fa79d601797a8c00b23c05ba8c677980defa1020e23a6ddf0ab8.exe"
    • Drops file in Windows directory
    PID:4048
  • C:\Users\Admin\AppData\Local\Temp\54da6bc00cc2fa79d601797a8c00b23c05ba8c677980defa1020e23a6ddf0ab8.exe
    C:\Users\Admin\AppData\Local\Temp\54da6bc00cc2fa79d601797a8c00b23c05ba8c677980defa1020e23a6ddf0ab8.exe -m security
    • Drops file in System32 directory
    • Modifies data under HKEY_USERS
    PID:1576

Network

MITRE ATT&CK Matrix
