wannacry | db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc | Triage

Submit
Reports

Overview

overview

Static

static

db3b12cf7b...dc.dll

windows7_x64

db3b12cf7b...dc.dll

windows10_x64

Sharing

General

Target

db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc
Size

5.0MB
Sample

210516-7rx4flbx3j
MD5

6d79ba975f8108d77440c5c47efd7c0a
SHA1

eb7b02421ab151d0562df4acc1b08d27fcbfe145
SHA256

db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc
SHA512

b128391a51dc6fdeab7a8421b5b1504ef490018770bf82edc375d30267ca473f426fd3a2107466c3ce205e4ba92d282e98fea4bafa08b8f62c5187f68a04df18

Score

10^/10

wannacry evasion ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc.dll

Resource

win7v20210410

wannacry ransomware worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc.dll

Resource

win10v20210408

wannacry evasion ransomware worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc
- Size
  
  5.0MB
- MD5
  
  6d79ba975f8108d77440c5c47efd7c0a
- SHA1
  
  eb7b02421ab151d0562df4acc1b08d27fcbfe145
- SHA256
  
  db3b12cf7bdfead707990ceeff2011a92f7dab94a38fe419320d31a3fd8274dc
- SHA512
  
  b128391a51dc6fdeab7a8421b5b1504ef490018770bf82edc375d30267ca473f426fd3a2107466c3ce205e4ba92d282e98fea4bafa08b8f62c5187f68a04df18
Score

10^/10

wannacry ransomware worm evasion
- Modifies firewall policy service
  evasion
- Suspicious use of NtCreateProcessExOtherParentProcess
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

wannacryransomwareworm

behavioral2

wannacryevasionransomwareworm

© 2018-2024

Terms | Privacy