wannacry | 2e9e5c79b5389d694d3ef5911175fab3b5686cb7a23ed60c527d0bb1bb95a2f6 | Triage

Submit
Reports

Overview

overview

Static

static

44c577cb3c...ce.dll

windows7-x64

44c577cb3c...ce.dll

windows10-2004-x64

Sharing

General

Target

44c577cb3c64fb3c8da98424c1f359ce
Size

5.0MB
Sample

220720-bjfdbsaaa9
MD5

44c577cb3c64fb3c8da98424c1f359ce
SHA1

f63b937cc207692dfb9b7abc08af2c312f7a2110
SHA256

2e9e5c79b5389d694d3ef5911175fab3b5686cb7a23ed60c527d0bb1bb95a2f6
SHA512

4bb35bc01d946112bf41c3b9b9b799125d8c5d16ef785ca94476f59ce7d952305fd20644591530ef5872f5635994e370b5add63bb090b83ad4f8a579b8c38d5e

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

44c577cb3c64fb3c8da98424c1f359ce.dll

Resource

win7-20220718-en

wannacry discovery ransomware worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

44c577cb3c64fb3c8da98424c1f359ce.dll

Resource

win10v2004-20220414-en

wannacry discovery ransomware worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  44c577cb3c64fb3c8da98424c1f359ce
- Size
  
  5.0MB
- MD5
  
  44c577cb3c64fb3c8da98424c1f359ce
- SHA1
  
  f63b937cc207692dfb9b7abc08af2c312f7a2110
- SHA256
  
  2e9e5c79b5389d694d3ef5911175fab3b5686cb7a23ed60c527d0bb1bb95a2f6
- SHA512
  
  4bb35bc01d946112bf41c3b9b9b799125d8c5d16ef785ca94476f59ce7d952305fd20644591530ef5872f5635994e370b5add63bb090b83ad4f8a579b8c38d5e
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3107) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (978) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy