wannacry | 03e0bb1da81f91a28a822dee6e113ca82db76072a5159c27e76632b770191065 | Triage

Submit
Reports

Overview

overview

Static

static

7094602723...37.dll

windows7_x64

7094602723...37.dll

windows10-2004_x64

Sharing

General

Target

709460272380d30e81c5d1797b2ee1ab7fa62537.malware
Size

5.0MB
Sample

220222-nqfznagch8
MD5

a35833d30e65f9a68a74f86f0b432b0e
SHA1

709460272380d30e81c5d1797b2ee1ab7fa62537
SHA256

03e0bb1da81f91a28a822dee6e113ca82db76072a5159c27e76632b770191065
SHA512

cebc1fc2a8f617ad5847eb70e35f36d8fac4892546b25f29eed6a0ed2489e230c073903de6e2a121b5553a95e386e7cfef765bb1e964e3134fcf89b172624160

Score

10^/10

wannacry ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

709460272380d30e81c5d1797b2ee1ab7fa62537.dll

Resource

win7-en-20211208

wannacry ransomware worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

709460272380d30e81c5d1797b2ee1ab7fa62537.dll

Resource

win10v2004-en-20220113

wannacry ransomware worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  709460272380d30e81c5d1797b2ee1ab7fa62537.malware
- Size
  
  5.0MB
- MD5
  
  a35833d30e65f9a68a74f86f0b432b0e
- SHA1
  
  709460272380d30e81c5d1797b2ee1ab7fa62537
- SHA256
  
  03e0bb1da81f91a28a822dee6e113ca82db76072a5159c27e76632b770191065
- SHA512
  
  cebc1fc2a8f617ad5847eb70e35f36d8fac4892546b25f29eed6a0ed2489e230c073903de6e2a121b5553a95e386e7cfef765bb1e964e3134fcf89b172624160
Score

10^/10

wannacry ransomware worm
- Suspicious use of NtCreateProcessExOtherParentProcess
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacryransomwareworm

behavioral2

wannacryransomwareworm

© 2018-2024

Terms | Privacy