wannacry | e18ce32660f224ed447568de1b163f1b393491c577480cc207b99829ccf9b8db | Triage

Submit
Reports

Overview

overview

Static

static

new.exe

windows10-2004_x64

Sharing

General

Target

new.exe
Size

9.8MB
Sample

220403-1aqv5shfdl
MD5

0db40745253ee7a55c924099dd796f9f
SHA1

2aa4a07c80df288b651504e0683abe20e4510404
SHA256

e18ce32660f224ed447568de1b163f1b393491c577480cc207b99829ccf9b8db
SHA512

2880b749263c284d2e94154ec044ca5c5851ec52e62fc940cde893c28699e7c07c655db91ae3f94b71f3eabf47eeb8a262a7042222bfbc0c51167a99e6a96588

Score

10^/10

wannacry discovery evasion ransomware upx worm

Static task

static1

Behavioral task

behavioral1

Sample

new.exe

Resource

win10v2004-20220331-en

wannacry discovery evasion ransomware upx worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  new.exe
- Size
  
  9.8MB
- MD5
  
  0db40745253ee7a55c924099dd796f9f
- SHA1
  
  2aa4a07c80df288b651504e0683abe20e4510404
- SHA256
  
  e18ce32660f224ed447568de1b163f1b393491c577480cc207b99829ccf9b8db
- SHA512
  
  2880b749263c284d2e94154ec044ca5c5851ec52e62fc940cde893c28699e7c07c655db91ae3f94b71f3eabf47eeb8a262a7042222bfbc0c51167a99e6a96588
Score

10^/10

wannacry discovery evasion ransomware upx worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Executes dropped EXE
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Stops running service(s)
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Modifies file permissions
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Hidden Files and Directories

Impair Defenses

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

wannacrydiscoveryevasionransomwareupxworm

© 2018-2024

Terms | Privacy