wannacry | 73535b324709d94186c9fd0ad63875c862ae2b35d69724ac5ab282d5266a86e0 | Triage

Submit
Reports

Overview

overview

Static

static

b1d5e1bc6f...64.dll

windows7-x64

b1d5e1bc6f...64.dll

windows10-2004-x64

Sharing

General

Target

b1d5e1bc6f427072bc7d3453e6902764
Size

5.0MB
Sample

220720-c2fx9abac6
MD5

b1d5e1bc6f427072bc7d3453e6902764
SHA1

578bcba7a2fef38f9adfa5651420ce04beed358c
SHA256

73535b324709d94186c9fd0ad63875c862ae2b35d69724ac5ab282d5266a86e0
SHA512

77ececa63b4bf1e1c2a9d0eeab75a76268086aa9d2b9a7f8d92579ec47357d5187d9275813136200c47a39b144037a5512bec82e5d0c64001fd83f553eec5110

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

b1d5e1bc6f427072bc7d3453e6902764.dll

Resource

win7-20220715-en

wannacry discovery ransomware worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b1d5e1bc6f427072bc7d3453e6902764.dll

Resource

win10v2004-20220414-en

wannacry discovery ransomware worm

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  b1d5e1bc6f427072bc7d3453e6902764
- Size
  
  5.0MB
- MD5
  
  b1d5e1bc6f427072bc7d3453e6902764
- SHA1
  
  578bcba7a2fef38f9adfa5651420ce04beed358c
- SHA256
  
  73535b324709d94186c9fd0ad63875c862ae2b35d69724ac5ab282d5266a86e0
- SHA512
  
  77ececa63b4bf1e1c2a9d0eeab75a76268086aa9d2b9a7f8d92579ec47357d5187d9275813136200c47a39b144037a5512bec82e5d0c64001fd83f553eec5110
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (2468) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1306) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy