Overview

overview

10

Static

static

5fc475dfe7...99.dll

windows7-x64

10

5fc475dfe7...99.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5fc475dfe7208fedcf1e88c865306999

  • Size

    5.0MB

  • Sample

    220720-cgppnaacg2

  • MD5

    5fc475dfe7208fedcf1e88c865306999

  • SHA1

    537d2c5ffd3d7695ba8a8fef7d7d89c006db9ccc

  • SHA256

    09e6086b3be2835f471faf4bfdb9621392bade4ab32b6115a81adf722d6f5e10

  • SHA512

    0627e503a34e182a1fe4e20cc8855a21f0ecfa032440753a47ebdb2023dbaa70be987b2123c9886109bd7f5f4e168c5a55045744df6c7e4aeb0a385c83a65ec7

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      5fc475dfe7208fedcf1e88c865306999

    • Size

      5.0MB

    • MD5

      5fc475dfe7208fedcf1e88c865306999

    • SHA1

      537d2c5ffd3d7695ba8a8fef7d7d89c006db9ccc

    • SHA256

      09e6086b3be2835f471faf4bfdb9621392bade4ab32b6115a81adf722d6f5e10

    • SHA512

      0627e503a34e182a1fe4e20cc8855a21f0ecfa032440753a47ebdb2023dbaa70be987b2123c9886109bd7f5f4e168c5a55045744df6c7e4aeb0a385c83a65ec7

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (2609) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Contacts a large (1327) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks