wannacry | 458d19c4e0d41353ade3b5eb94815436ac911ad13c2fa525f753d5ef182f417f | Triage

Submit
Reports

Overview

overview

Static

static

mssecsvr.exe

windows7_x64

Resubmissions

20-01-2022 15:08

220120-shvkasadfn 10

20-01-2022 15:01

220120-sd87wsadek 10

20-01-2022 14:52

220120-r81zbsadcm 10

Sharing

General

Target

mssecsvr.exe
Size

2.2MB
Sample

220120-shvkasadfn
MD5

142db3228dd9177f5fdaec26d0f0e19a
SHA1

f4f080d897a4fe16aa557a3499a7d495db62148b
SHA256

458d19c4e0d41353ade3b5eb94815436ac911ad13c2fa525f753d5ef182f417f
SHA512

07a24755cc8e53669065d3dcfaee9ff6670670242b4e7f5ddd82f75501923372a394063f3b6a9fcd27cf67eb84a152e3b7b7c7d0327d22e2591fb47dec9053cf

Score

10^/10

wannacry evasion ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

mssecsvr.exe

Resource

win7-en-20211208

wannacry evasion ransomware worm

windows7_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  mssecsvr.exe
- Size
  
  2.2MB
- MD5
  
  142db3228dd9177f5fdaec26d0f0e19a
- SHA1
  
  f4f080d897a4fe16aa557a3499a7d495db62148b
- SHA256
  
  458d19c4e0d41353ade3b5eb94815436ac911ad13c2fa525f753d5ef182f417f
- SHA512
  
  07a24755cc8e53669065d3dcfaee9ff6670670242b4e7f5ddd82f75501923372a394063f3b6a9fcd27cf67eb84a152e3b7b7c7d0327d22e2591fb47dec9053cf
Score

10^/10

wannacry evasion ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Executes dropped EXE
- Stops running service(s)
  evasion
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Tasks

static1

behavioral1

wannacryevasionransomwareworm

© 2018-2024

Terms | Privacy