wannacry | 2b24654e5faf1b0e1210478bdf8b5bf1770836fa4dab32994340beceb587b621 | Triage

Submit
Reports

Overview

overview

Static

static

b2115b4138...7b.dll

windows7-x64

b2115b4138...7b.dll

windows10-2004-x64

Sharing

General

Target

b2115b4138ea487dd35e228c0061d67b
Size

5.0MB
Sample

220720-cnz4zaaeg9
MD5

b2115b4138ea487dd35e228c0061d67b
SHA1

036d4a4c13e47f76534487f1e1abc8e2edcbe942
SHA256

2b24654e5faf1b0e1210478bdf8b5bf1770836fa4dab32994340beceb587b621
SHA512

f9533fafe1da75b41e07b1953cdd0235ca9065a8964d6417cf86c2bac19beb1477d0cde2694745385d1eec4f3e0c379dc7e53fb8430b4dcabdc233cff18da4f3

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

b2115b4138ea487dd35e228c0061d67b.dll

Resource

win7-20220715-en

wannacry discovery ransomware worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b2115b4138ea487dd35e228c0061d67b.dll

Resource

win10v2004-20220718-en

wannacry discovery ransomware worm

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  b2115b4138ea487dd35e228c0061d67b
- Size
  
  5.0MB
- MD5
  
  b2115b4138ea487dd35e228c0061d67b
- SHA1
  
  036d4a4c13e47f76534487f1e1abc8e2edcbe942
- SHA256
  
  2b24654e5faf1b0e1210478bdf8b5bf1770836fa4dab32994340beceb587b621
- SHA512
  
  f9533fafe1da75b41e07b1953cdd0235ca9065a8964d6417cf86c2bac19beb1477d0cde2694745385d1eec4f3e0c379dc7e53fb8430b4dcabdc233cff18da4f3
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3241) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1256) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy