wannacry | 495956157d35d72a276365fab6b4ec6387b2552d67444227dd4e1ade8336156c | Triage

Sharing

General

Target

495956157d35d72a276365fab6b4ec6387b2552d67444227dd4e1ade8336156c
Size

5.0MB
Sample

221012-d8dl5scchk
MD5

a51beb6c0ac1650cc9161d77a7b4ffe4
SHA1

140e7d3e026ed3e9372630792966943cafdf7d8c
SHA256

495956157d35d72a276365fab6b4ec6387b2552d67444227dd4e1ade8336156c
SHA512

6c319dc91ebb2f1808bb9e7eb3ee1beaa5357e334250802ac173fd73bbca267160b2bfac6db13b4468868b7ed05fd0e34baad54c2bb540140296d9ddb10e6030
SSDEEP

24576:ubLgurgDdmMSirYbcMNgef0QeQjG/D8kIqYmiHkQg65ASk+RdhAdmvctA0p+9XEk:unsEMSPbcBVQej/s1HkQrAARdhnvoAH

Score

10^/10

wannacry discovery ransomware worm

Malware Config

Targets

- Target
  
  495956157d35d72a276365fab6b4ec6387b2552d67444227dd4e1ade8336156c
- Size
  
  5.0MB
- MD5
  
  a51beb6c0ac1650cc9161d77a7b4ffe4
- SHA1
  
  140e7d3e026ed3e9372630792966943cafdf7d8c
- SHA256
  
  495956157d35d72a276365fab6b4ec6387b2552d67444227dd4e1ade8336156c
- SHA512
  
  6c319dc91ebb2f1808bb9e7eb3ee1beaa5357e334250802ac173fd73bbca267160b2bfac6db13b4468868b7ed05fd0e34baad54c2bb540140296d9ddb10e6030
- SSDEEP
  
  24576:ubLgurgDdmMSirYbcMNgef0QeQjG/D8kIqYmiHkQg65ASk+RdhAdmvctA0p+9XEk:unsEMSPbcBVQej/s1HkQrAARdhnvoAH
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (2587) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1210) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm