wannacry | 8f683813f5d1c56c69aa0131562fbdf9dbc61a140e8936015880d42c7c03cacd | Triage

Submit
Reports

Overview

overview

Static

static

84c2b1a2d6...43.dll

windows7-x64

84c2b1a2d6...43.dll

windows10-2004-x64

Sharing

General

Target

84c2b1a2d6c00476b0aea797cfc10543
Size

5.0MB
Sample

220720-a33sashgh9
MD5

84c2b1a2d6c00476b0aea797cfc10543
SHA1

1061bab1a894595bbf7f5e30b40fb0f9bac9fe41
SHA256

8f683813f5d1c56c69aa0131562fbdf9dbc61a140e8936015880d42c7c03cacd
SHA512

e715890991da39e558d939352a6b9d2df8ef5e079e1ac97f09e7949b77facae7eaf01ee5530ae0274081963fa31a93e8e509792e43a80cb1d29cabccb0d785a5

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

84c2b1a2d6c00476b0aea797cfc10543.dll

Resource

win7-20220715-en

wannacry discovery ransomware worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

84c2b1a2d6c00476b0aea797cfc10543.dll

Resource

win10v2004-20220718-en

wannacry discovery ransomware worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  84c2b1a2d6c00476b0aea797cfc10543
- Size
  
  5.0MB
- MD5
  
  84c2b1a2d6c00476b0aea797cfc10543
- SHA1
  
  1061bab1a894595bbf7f5e30b40fb0f9bac9fe41
- SHA256
  
  8f683813f5d1c56c69aa0131562fbdf9dbc61a140e8936015880d42c7c03cacd
- SHA512
  
  e715890991da39e558d939352a6b9d2df8ef5e079e1ac97f09e7949b77facae7eaf01ee5530ae0274081963fa31a93e8e509792e43a80cb1d29cabccb0d785a5
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3100) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1242) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy