Overview

overview

10

Static

static

5fcd8cc470...18.dll

windows7-x64

10

5fcd8cc470...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5fcd8cc470d769069f7e7c48498a6d18

  • Size

    5.0MB

  • Sample

    220720-dxgjnabhfr

  • MD5

    5fcd8cc470d769069f7e7c48498a6d18

  • SHA1

    062fd0720232c0a95808f50b9565d64c31e9fe48

  • SHA256

    95c2ba129dae7ef5a742da353bd914c504dc60c31228e99d85afb2303a7a518a

  • SHA512

    936d85ac815316208a7960f9d00523fd774ec17e48aae40750de3eebcb43c94f60c03e1150820e6033db0f35290f3977aec12792e53eaae600d9ae0330d2507f

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      5fcd8cc470d769069f7e7c48498a6d18

    • Size

      5.0MB

    • MD5

      5fcd8cc470d769069f7e7c48498a6d18

    • SHA1

      062fd0720232c0a95808f50b9565d64c31e9fe48

    • SHA256

      95c2ba129dae7ef5a742da353bd914c504dc60c31228e99d85afb2303a7a518a

    • SHA512

      936d85ac815316208a7960f9d00523fd774ec17e48aae40750de3eebcb43c94f60c03e1150820e6033db0f35290f3977aec12792e53eaae600d9ae0330d2507f

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3124) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Contacts a large (1243) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks