wannacry | e757bb95fbc30035aefcfb2fedfa74a6f6f09e7b3cf7c4aef4dacceaaaa87534 | Triage

Submit
Reports

Overview

overview

Static

static

fd9eebbe0f...81.dll

windows7-x64

fd9eebbe0f...81.dll

windows10-2004-x64

Sharing

General

Target

fd9eebbe0f47a9f0bccabc5042963981
Size

5.0MB
Sample

220720-ck5kaabaen
MD5

fd9eebbe0f47a9f0bccabc5042963981
SHA1

33fa47d9946095fb319a495a353881fc7149bde0
SHA256

e757bb95fbc30035aefcfb2fedfa74a6f6f09e7b3cf7c4aef4dacceaaaa87534
SHA512

73526926892ec43a6cb5e850658cf48d95f517e7828c8c63e010f9f219d48be806569132b9f83a1d55bbcd2fed51303d22dbdf511e0bb58c0f7e955cdd5d7783

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

fd9eebbe0f47a9f0bccabc5042963981.dll

Resource

win7-20220718-en

wannacry discovery ransomware worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

fd9eebbe0f47a9f0bccabc5042963981.dll

Resource

win10v2004-20220718-en

wannacry discovery ransomware worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  fd9eebbe0f47a9f0bccabc5042963981
- Size
  
  5.0MB
- MD5
  
  fd9eebbe0f47a9f0bccabc5042963981
- SHA1
  
  33fa47d9946095fb319a495a353881fc7149bde0
- SHA256
  
  e757bb95fbc30035aefcfb2fedfa74a6f6f09e7b3cf7c4aef4dacceaaaa87534
- SHA512
  
  73526926892ec43a6cb5e850658cf48d95f517e7828c8c63e010f9f219d48be806569132b9f83a1d55bbcd2fed51303d22dbdf511e0bb58c0f7e955cdd5d7783
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (2659) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (690) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy