Overview

overview

10

Static

static

46f3bf3c09...4f.dll

windows7-x64

10

46f3bf3c09...4f.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    46f3bf3c094bc3fb9eb27f29bb4abb4f

  • Size

    5.0MB

  • Sample

    220720-bjfdbsaedk

  • MD5

    46f3bf3c094bc3fb9eb27f29bb4abb4f

  • SHA1

    1c9c0306803fec08347632c71fc8764070999eee

  • SHA256

    f4048bacc029767ce323bdf41326c012bed6be87e9a371a9af116e189692db85

  • SHA512

    3588fac826f716beda85fa369afa5032b66bce02a487b25b0cfe7b93ddc827d3acd91a72f960dd19434a2552a904559e05bc4bd611748dc55b0473d49e5a4cdd

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      46f3bf3c094bc3fb9eb27f29bb4abb4f

    • Size

      5.0MB

    • MD5

      46f3bf3c094bc3fb9eb27f29bb4abb4f

    • SHA1

      1c9c0306803fec08347632c71fc8764070999eee

    • SHA256

      f4048bacc029767ce323bdf41326c012bed6be87e9a371a9af116e189692db85

    • SHA512

      3588fac826f716beda85fa369afa5032b66bce02a487b25b0cfe7b93ddc827d3acd91a72f960dd19434a2552a904559e05bc4bd611748dc55b0473d49e5a4cdd

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3225) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Contacts a large (1507) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks