Overview

overview

10

Static

static

150e4b841f...05.dll

windows7-x64

10

150e4b841f...05.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    150e4b841fe23355e211a194d1651b05

  • Size

    5.0MB

  • Sample

    220720-b7kb7aabh3

  • MD5

    150e4b841fe23355e211a194d1651b05

  • SHA1

    5f4b745fccc00deda14c9734a7d674c544988974

  • SHA256

    8b4cbe2178443b6850797809888a8034ec392f7da4cdfa101405e8089fd79904

  • SHA512

    696b033baedbb1f57bc7136389c5fd3de580c36483acb1c7e9409504a9c668828950b733a1db79687da1ccb93bb6d29d28f667060be50a075d25307a17f2b845

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      150e4b841fe23355e211a194d1651b05

    • Size

      5.0MB

    • MD5

      150e4b841fe23355e211a194d1651b05

    • SHA1

      5f4b745fccc00deda14c9734a7d674c544988974

    • SHA256

      8b4cbe2178443b6850797809888a8034ec392f7da4cdfa101405e8089fd79904

    • SHA512

      696b033baedbb1f57bc7136389c5fd3de580c36483acb1c7e9409504a9c668828950b733a1db79687da1ccb93bb6d29d28f667060be50a075d25307a17f2b845

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3264) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Contacts a large (1251) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks