wannacry | 3a6a46d70b600988f8f809db8b6a8e812416ab138d58381a79363882df3999f0 | Triage

Submit
Reports

Overview

overview

Static

static

Windows/MSSECSVC.exe

windows7_x64

Windows/MSSECSVC.exe

windows10-2004_x64

Sharing

General

Target

3a6a46d70b600988f8f809db8b6a8e812416ab138d58381a79363882df3999f0
Size

3.3MB
Sample

220625-ejdfhsfeb9
MD5

131d0488e119529e3265c2dcad26f3f7
SHA1

5bc3c21b36792aa206277cc5483d59661b0c847c
SHA256

3a6a46d70b600988f8f809db8b6a8e812416ab138d58381a79363882df3999f0
SHA512

655c5abbb58b08545698dea59a1b128e539e2966497a17f7d0f3ac168820f98fa36f8a9943220a395e756e32afb7e92818232052faf8401ec96113f12a6ae3c1

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

Windows/MSSECSVC.exe

Resource

win7-20220414-en

wannacry discovery ransomware worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Windows/MSSECSVC.exe

Resource

win10v2004-20220414-en

wannacry discovery ransomware worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Windows/MSSECSVC.EXE
- Size
  
  3.6MB
- MD5
  
  03baffc5d9239b588a88d52978448db6
- SHA1
  
  c9b9062f1fa1681481f0a787fbe1fe8b6b6d6486
- SHA256
  
  09d086a2f16d620a4c4fd823651fa652f22eb27bb563b682d9372afa69f7662c
- SHA512
  
  ae8eabb41df5a4d2cdf04929269e822e8d8911c5e891244d257e85b6013b6a8028938e3287132b2e1ec2edc8e2113f51f52ff2d4d77e54b83f9a730582abccf3
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (2374) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1265) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy