wannacry | 4fc4653295c499d00892a9f2bbffa8851e5f65e2d05fd76534f80e805433d0a3 | Triage

Sharing

General

Target

mssecsvc.zip
Size

6.2MB
Sample

220307-zc33tafge5
MD5

ddb352ae8c45903c094c95d6cb1398ec
SHA1

1a603fb71e9d7b31074a1aa6f26dd004f66b1730
SHA256

4fc4653295c499d00892a9f2bbffa8851e5f65e2d05fd76534f80e805433d0a3
SHA512

2273553ab81ace31219bdd17a6253b73dbc73bb2093cdd881bba41149977bf456698cdcfe3332136471752d3578f7eb4c278fd665739ea798bfc3a53d1945e15

Score

10^/10

wannacry ransomware worm

Malware Config

Targets

- Target
  
  mssecsvc.exe
- Size
  
  3.6MB
- MD5
  
  07f0244944f38d57debcef6cc1b3d428
- SHA1
  
  046a14767c91d2c5b62e0dd1631651ee405d107f
- SHA256
  
  28b7db359e2fe815614e05871dd192d82b2a2d9ab2b3f9a34faaa92fd0d1b055
- SHA512
  
  cd823ba15213973098a5cc4e0d2ffbd5df24fb5f4fba670ee436a268f6ac68553beef8c01f25a33d66f0ee2ffc35590580b37610b1d7fcffe651fad87c236d2a
Score

10^/10

wannacry ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Executes dropped EXE
- Drops file in System32 directory
behavioral1
- Target
  
  qeriuwjhrf
- Size
  
  3.4MB
- MD5
  
  aefdbea94a569f2c339071655dc31e0b
- SHA1
  
  b8f42860730b20e4f52e29dd025ac9e69a1e266b
- SHA256
  
  b70ceaeba4e784ab4914916460c1772d0cea9726e7c6649d501480a7560b9e9e
- SHA512
  
  543c558969c417b3cbcdeb36fb1b14ab1f687b15b455e9ae414994dfa3c219dfdbd7b1c2039fd8164f70b895deecc08ecfd9f3ec65b3cbdacbd9292bea856af1
Score

1^/10
behavioral2
- Target
  
  tasksche.exe
- Size
  
  3.4MB
- MD5
  
  aefdbea94a569f2c339071655dc31e0b
- SHA1
  
  b8f42860730b20e4f52e29dd025ac9e69a1e266b
- SHA256
  
  b70ceaeba4e784ab4914916460c1772d0cea9726e7c6649d501480a7560b9e9e
- SHA512
  
  543c558969c417b3cbcdeb36fb1b14ab1f687b15b455e9ae414994dfa3c219dfdbd7b1c2039fd8164f70b895deecc08ecfd9f3ec65b3cbdacbd9292bea856af1
Score

1^/10
behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

wannacryransomwareworm

behavioral2

behavioral3