Overview

overview

10

Static

static

4c1ca3c037...2f.dll

windows7_x64

10

4c1ca3c037...2f.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4c1ca3c037f6bc8145b341d369f0c62f

  • Size

    5.0MB

  • Sample

    211210-y57q2abahp

  • MD5

    4c1ca3c037f6bc8145b341d369f0c62f

  • SHA1

    08c3364d9caec0a5860b588e2de192e62630d0dc

  • SHA256

    bf5e8f2528ba9a7d131497fd6ac99f30c10d2bd16ac67476b57db4c02576599f

  • SHA512

    801a063f5b83e99fa4fda52295b28f9eacf2fac64b0e3517b7c5759202bd7cb6c05a14461915183580edc5b77ca60485c238849bb7d90cb10ce953de6793a0dd

Score
10/10
wannacryransomwaresuricataworm

Malware Config

Targets

    • Target

      4c1ca3c037f6bc8145b341d369f0c62f

    • Size

      5.0MB

    • MD5

      4c1ca3c037f6bc8145b341d369f0c62f

    • SHA1

      08c3364d9caec0a5860b588e2de192e62630d0dc

    • SHA256

      bf5e8f2528ba9a7d131497fd6ac99f30c10d2bd16ac67476b57db4c02576599f

    • SHA512

      801a063f5b83e99fa4fda52295b28f9eacf2fac64b0e3517b7c5759202bd7cb6c05a14461915183580edc5b77ca60485c238849bb7d90cb10ce953de6793a0dd

    Score
    10/10
    wannacryransomwaresuricataworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • suricata: ET MALWARE Known Sinkhole Response Kryptos Logic

      suricata: ET MALWARE Known Sinkhole Response Kryptos Logic

      suricata

    • suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1

      suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1

      suricata

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks