wannacry | 1d18c87cdc79ab31f7213ebbe9366fbc94a8d2632fda53531680b1b9eccd109d | Triage

Submit
Reports

Overview

overview

Static

static

13f8d4f309...28.dll

windows7-x64

13f8d4f309...28.dll

windows10-2004-x64

8

Sharing

General

Target

13f8d4f3097e98c843e9a594b7a9c128
Size

5.0MB
Sample

220720-dvrxlsbcf4
MD5

13f8d4f3097e98c843e9a594b7a9c128
SHA1

a808002fdd82d43a7c828ba501880a13e739c512
SHA256

1d18c87cdc79ab31f7213ebbe9366fbc94a8d2632fda53531680b1b9eccd109d
SHA512

782362654e5239fbfd927c415831049024839480e9e2a1f22e589d60a7b686a19be81e1875a6538d6d22886c53752db8abd13c549a09a3b7728eb8ade76eba6d

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

Behavioral task

behavioral1

Sample

13f8d4f3097e98c843e9a594b7a9c128.dll

Resource

win7-20220718-en

wannacry discovery ransomware worm

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

13f8d4f3097e98c843e9a594b7a9c128.dll

Resource

win10v2004-20220718-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  13f8d4f3097e98c843e9a594b7a9c128
- Size
  
  5.0MB
- MD5
  
  13f8d4f3097e98c843e9a594b7a9c128
- SHA1
  
  a808002fdd82d43a7c828ba501880a13e739c512
- SHA256
  
  1d18c87cdc79ab31f7213ebbe9366fbc94a8d2632fda53531680b1b9eccd109d
- SHA512
  
  782362654e5239fbfd927c415831049024839480e9e2a1f22e589d60a7b686a19be81e1875a6538d6d22886c53752db8abd13c549a09a3b7728eb8ade76eba6d
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (1278) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

© 2018-2024

Terms | Privacy