wannacry | 8984534b84ac860b4f2a8e99a6fe911b22cc21320ba1bb0c5a1bb1fd1d52bea1 | Triage

Submit
Reports

Overview

overview

Static

static

14f964c2a2...76.dll

windows7-x64

14f964c2a2...76.dll

windows10-2004-x64

Sharing

General

Target

14f964c2a20d1e25ffc3457367909b76
Size

5.0MB
Sample

220720-dp7e4sbcb6
MD5

14f964c2a20d1e25ffc3457367909b76
SHA1

38095333280b2976026866ee9efd050cb1646b94
SHA256

8984534b84ac860b4f2a8e99a6fe911b22cc21320ba1bb0c5a1bb1fd1d52bea1
SHA512

e28c163a09be95d29fe126b4f3bd393b60c52e70400180479fd4c1551fcaf47a366e4a4a158979504431d60b3300285b8c2574d23742515aec7b6c7ff9871f91

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

14f964c2a20d1e25ffc3457367909b76.dll

Resource

win7-20220715-en

wannacry discovery ransomware worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

14f964c2a20d1e25ffc3457367909b76.dll

Resource

win10v2004-20220718-en

wannacry discovery ransomware worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  14f964c2a20d1e25ffc3457367909b76
- Size
  
  5.0MB
- MD5
  
  14f964c2a20d1e25ffc3457367909b76
- SHA1
  
  38095333280b2976026866ee9efd050cb1646b94
- SHA256
  
  8984534b84ac860b4f2a8e99a6fe911b22cc21320ba1bb0c5a1bb1fd1d52bea1
- SHA512
  
  e28c163a09be95d29fe126b4f3bd393b60c52e70400180479fd4c1551fcaf47a366e4a4a158979504431d60b3300285b8c2574d23742515aec7b6c7ff9871f91
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (2671) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1310) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy