wannacry | 75cb9bdda5938f729989ffcc4359c9696c23ff2fd31f0ac46aafd3c62f8b14d1 | Triage

Submit
Reports

Overview

overview

Static

static

1979f40a1a...59.dll

windows7-x64

1979f40a1a...59.dll

windows10-2004-x64

Sharing

General

Target

1979f40a1a6ea5d1b3765d51106e1a59
Size

5.0MB
Sample

220720-a4msgaadap
MD5

1979f40a1a6ea5d1b3765d51106e1a59
SHA1

fa2aabea035923395843146ee3c94b80776a1911
SHA256

75cb9bdda5938f729989ffcc4359c9696c23ff2fd31f0ac46aafd3c62f8b14d1
SHA512

ec2d6234ce758e31d56cb0f7f6666bbecd731adae0d7d9fe1d98fa79af37aa65a23eb3deabd261b2743c690f29361b183736cded9203e933ec36c3af8fc1fe3d

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

1979f40a1a6ea5d1b3765d51106e1a59.dll

Resource

win7-20220715-en

wannacry discovery ransomware worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

1979f40a1a6ea5d1b3765d51106e1a59.dll

Resource

win10v2004-20220414-en

wannacry discovery ransomware worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  1979f40a1a6ea5d1b3765d51106e1a59
- Size
  
  5.0MB
- MD5
  
  1979f40a1a6ea5d1b3765d51106e1a59
- SHA1
  
  fa2aabea035923395843146ee3c94b80776a1911
- SHA256
  
  75cb9bdda5938f729989ffcc4359c9696c23ff2fd31f0ac46aafd3c62f8b14d1
- SHA512
  
  ec2d6234ce758e31d56cb0f7f6666bbecd731adae0d7d9fe1d98fa79af37aa65a23eb3deabd261b2743c690f29361b183736cded9203e933ec36c3af8fc1fe3d
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3140) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1543) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy