wannacry | 5bbc4474a20ba7b969c2aa8677e2833c0a7c306f70f55853d00e3df54c0ae0da | Triage

Submit
Reports

Overview

overview

Static

static

mssecsvc.exe

windows7-x64

Resubmissions

19-07-2022 13:15

220719-qhn2eaccf5 10

19-07-2022 09:44

220719-lq1b7acacp 10

Sharing

General

Target

mssecsvc.exe
Size

3.6MB
Sample

220719-qhn2eaccf5
MD5

c39c3a9fd55d3eb1445ff15ff38c586d
SHA1

85d7541b20a85e68718ec9be6da09834147ee7d6
SHA256

5bbc4474a20ba7b969c2aa8677e2833c0a7c306f70f55853d00e3df54c0ae0da
SHA512

ba63768d70eca619a1aa207c34a58cfa9658dcb066679be27fbb0221a243baae9171769d0fadf8d7c1557621e8fff5b2d7149af4cf531dc8612a24b19135766a

Score

10^/10

wannacry discovery ransomware suricata worm

Static task

static1

Behavioral task

behavioral1

Sample

mssecsvc.exe

Resource

win7-20220718-en

wannacry discovery ransomware suricata worm

windows7-x64

11 signatures

300 seconds

Malware Config

Targets

- Target
  
  mssecsvc.exe
- Size
  
  3.6MB
- MD5
  
  c39c3a9fd55d3eb1445ff15ff38c586d
- SHA1
  
  85d7541b20a85e68718ec9be6da09834147ee7d6
- SHA256
  
  5bbc4474a20ba7b969c2aa8677e2833c0a7c306f70f55853d00e3df54c0ae0da
- SHA512
  
  ba63768d70eca619a1aa207c34a58cfa9658dcb066679be27fbb0221a243baae9171769d0fadf8d7c1557621e8fff5b2d7149af4cf531dc8612a24b19135766a
Score

10^/10

wannacry discovery ransomware suricata worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
  suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
  suricata
- suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
  suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
  suricata
- Contacts a large (653) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwaresuricataworm

© 2018-2024

Terms | Privacy