wannacry | a917952029deb1a0e3492291a08303bfd0da6f93480bb1da9a878b15e609bfc7 | Triage

Submit
Reports

Overview

overview

Static

static

50a4daa7e9...c9.dll

windows7-x64

50a4daa7e9...c9.dll

windows10-2004-x64

Sharing

General

Target

50a4daa7e9c1fc8a4b62457f9d7538c9
Size

5.0MB
Sample

220720-b6eejsagdl
MD5

50a4daa7e9c1fc8a4b62457f9d7538c9
SHA1

e2ab9e97df6457e299155213b88f53c22d55c6c4
SHA256

a917952029deb1a0e3492291a08303bfd0da6f93480bb1da9a878b15e609bfc7
SHA512

cda68bb356406414ee36534b0fb7c4a18919dbee9d489a5437c7b9f3bf32350df1bc08418a91181461ced9b99517715d104e46dc5f2f4c3b2e4408bb393ebbf4

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

50a4daa7e9c1fc8a4b62457f9d7538c9.dll

Resource

win7-20220718-en

wannacry discovery ransomware worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

50a4daa7e9c1fc8a4b62457f9d7538c9.dll

Resource

win10v2004-20220718-en

wannacry discovery ransomware worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  50a4daa7e9c1fc8a4b62457f9d7538c9
- Size
  
  5.0MB
- MD5
  
  50a4daa7e9c1fc8a4b62457f9d7538c9
- SHA1
  
  e2ab9e97df6457e299155213b88f53c22d55c6c4
- SHA256
  
  a917952029deb1a0e3492291a08303bfd0da6f93480bb1da9a878b15e609bfc7
- SHA512
  
  cda68bb356406414ee36534b0fb7c4a18919dbee9d489a5437c7b9f3bf32350df1bc08418a91181461ced9b99517715d104e46dc5f2f4c3b2e4408bb393ebbf4
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3213) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1190) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy