wannacry | e9451972c4bc48feb055a082a1baf0dac4a7e321fc24ebb38e97303d5e231ff7 | Triage

Submit
Reports

Overview

overview

Static

static

b9e12bc016...75.dll

windows7-x64

b9e12bc016...75.dll

windows10-2004-x64

Sharing

General

Target

b9e12bc0168687acdf76c2a181f9dc75
Size

5.0MB
Sample

220720-c3kylabfcq
MD5

b9e12bc0168687acdf76c2a181f9dc75
SHA1

7ff85635f260c4ab5bcd75efa11c622248aeef4b
SHA256

e9451972c4bc48feb055a082a1baf0dac4a7e321fc24ebb38e97303d5e231ff7
SHA512

102a665d2b09fcc9ef23717a621062d0f9449bcb58f661c2091a61eb9d32acdb55f5bcf0a2c0e541b5215a2cda310133dabd221943c941087a7c871488c3e0c7

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

b9e12bc0168687acdf76c2a181f9dc75.dll

Resource

win7-20220715-en

wannacry discovery ransomware worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b9e12bc0168687acdf76c2a181f9dc75.dll

Resource

win10v2004-20220715-en

wannacry discovery ransomware worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  b9e12bc0168687acdf76c2a181f9dc75
- Size
  
  5.0MB
- MD5
  
  b9e12bc0168687acdf76c2a181f9dc75
- SHA1
  
  7ff85635f260c4ab5bcd75efa11c622248aeef4b
- SHA256
  
  e9451972c4bc48feb055a082a1baf0dac4a7e321fc24ebb38e97303d5e231ff7
- SHA512
  
  102a665d2b09fcc9ef23717a621062d0f9449bcb58f661c2091a61eb9d32acdb55f5bcf0a2c0e541b5215a2cda310133dabd221943c941087a7c871488c3e0c7
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3077) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (957) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy