wannacry | cff37b00a90722f2fdedc72e23026cd26f4eb9b020976195db481e9d7fe0e11c | Triage

Submit
Reports

Overview

overview

Static

static

41b7ce4931...de.dll

windows7-x64

41b7ce4931...de.dll

windows10-2004-x64

Sharing

General

Target

41b7ce4931c04d964a28f41e80920cde
Size

5.0MB
Sample

220720-azmxnshgf8
MD5

41b7ce4931c04d964a28f41e80920cde
SHA1

2f00e3270fbcddfcb875a3ac571b00edc60ebe9d
SHA256

cff37b00a90722f2fdedc72e23026cd26f4eb9b020976195db481e9d7fe0e11c
SHA512

fc3586e89f227148a0eafebb76b44ffc61dc24aa0a4ce5cfe863c4b16340a7f900eaac7286ffeff242ba26584a8f219f01f3d9a48dcfd3eaa0e42d4c87b4a037

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

41b7ce4931c04d964a28f41e80920cde.dll

Resource

win7-20220718-en

wannacry discovery ransomware worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

41b7ce4931c04d964a28f41e80920cde.dll

Resource

win10v2004-20220414-en

wannacry discovery ransomware worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  41b7ce4931c04d964a28f41e80920cde
- Size
  
  5.0MB
- MD5
  
  41b7ce4931c04d964a28f41e80920cde
- SHA1
  
  2f00e3270fbcddfcb875a3ac571b00edc60ebe9d
- SHA256
  
  cff37b00a90722f2fdedc72e23026cd26f4eb9b020976195db481e9d7fe0e11c
- SHA512
  
  fc3586e89f227148a0eafebb76b44ffc61dc24aa0a4ce5cfe863c4b16340a7f900eaac7286ffeff242ba26584a8f219f01f3d9a48dcfd3eaa0e42d4c87b4a037
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3184) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1213) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy