wannacry | 8810123ec8fabd8acb91a396572db3229971f85e788ef958022217f8a858ad38 | Triage

Submit
Reports

Overview

overview

Static

static

8810123ec8...38.dll

windows7_x64

8810123ec8...38.dll

windows10_x64

Sharing

General

Target

8810123ec8fabd8acb91a396572db3229971f85e788ef958022217f8a858ad38
Size

5.0MB
Sample

210515-vqjx23b39e
MD5

8d7129d1ad154ae0f261b44b37b6ca01
SHA1

6e6a12140fb66cd4dc21fe2fbcef6bb916796d97
SHA256

8810123ec8fabd8acb91a396572db3229971f85e788ef958022217f8a858ad38
SHA512

c7fe58ea40f9934762665c3221ce186964c4be877d05ade49ca9c7a8380c09487de859f71976f8b826f9f68a635bec1a9e8dc8f8069fc980d0df091e4f2d9145

Score

10^/10

wannacry evasion ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

8810123ec8fabd8acb91a396572db3229971f85e788ef958022217f8a858ad38.dll

Resource

win7v20210410

wannacry ransomware worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

8810123ec8fabd8acb91a396572db3229971f85e788ef958022217f8a858ad38.dll

Resource

win10v20210410

wannacry evasion ransomware worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  8810123ec8fabd8acb91a396572db3229971f85e788ef958022217f8a858ad38
- Size
  
  5.0MB
- MD5
  
  8d7129d1ad154ae0f261b44b37b6ca01
- SHA1
  
  6e6a12140fb66cd4dc21fe2fbcef6bb916796d97
- SHA256
  
  8810123ec8fabd8acb91a396572db3229971f85e788ef958022217f8a858ad38
- SHA512
  
  c7fe58ea40f9934762665c3221ce186964c4be877d05ade49ca9c7a8380c09487de859f71976f8b826f9f68a635bec1a9e8dc8f8069fc980d0df091e4f2d9145
Score

10^/10

wannacry ransomware worm evasion
- Modifies firewall policy service
  evasion
- Suspicious use of NtCreateProcessExOtherParentProcess
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

wannacryransomwareworm

behavioral2

wannacryevasionransomwareworm

© 2018-2024

Terms | Privacy