wannacry | a1ef82ead049fd897874fa5e7e4fa23db225702186bf6ab87e537d67708753ad | Triage

Submit
Reports

Overview

overview

Static

static

new.exe

windows10-2004_x64

Sharing

General

Target

new.exe
Size

9.8MB
Sample

220403-z9npdsdfb3
MD5

d4f472e8286d35080ee0fe3c7fd07355
SHA1

bbafeb22e6b6639fc2f02dd000754813abcb5621
SHA256

a1ef82ead049fd897874fa5e7e4fa23db225702186bf6ab87e537d67708753ad
SHA512

646c8c6c617a62f3bbcca547894afc098ec1347cdb0376aaff1bd19ecbfe5a45c1f101bddade2098eb848e561ce8e34c90c7a433f696be877de9991cfcc9ce3d

Score

10^/10

wannacry discovery evasion ransomware upx worm

Static task

static1

Behavioral task

behavioral1

Sample

new.exe

Resource

win10v2004-20220331-en

wannacry discovery evasion ransomware upx worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  new.exe
- Size
  
  9.8MB
- MD5
  
  d4f472e8286d35080ee0fe3c7fd07355
- SHA1
  
  bbafeb22e6b6639fc2f02dd000754813abcb5621
- SHA256
  
  a1ef82ead049fd897874fa5e7e4fa23db225702186bf6ab87e537d67708753ad
- SHA512
  
  646c8c6c617a62f3bbcca547894afc098ec1347cdb0376aaff1bd19ecbfe5a45c1f101bddade2098eb848e561ce8e34c90c7a433f696be877de9991cfcc9ce3d
Score

10^/10

wannacry discovery evasion ransomware upx worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Executes dropped EXE
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Stops running service(s)
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Modifies file permissions
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Modify Existing Service

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Impair Defenses

File Permissions Modification

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

Tasks

static1

behavioral1

wannacrydiscoveryevasionransomwareupxworm

© 2018-2024

Terms | Privacy