wannacry | 077bbb0a91bcd1236aa85c5d6fcbd42f711bf8f2a305f9ae64cb30d242c8fb8a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

077bbb0a91bcd1236aa85c5d6fcbd42f711bf8f2a305f9ae64cb30d242c8fb8a
Size

2.2MB
Sample

221014-tfqn1adghl
MD5

f180d23ede98f53a8dffd109ed624e85
SHA1

7755fe529f6c4ff88d3955269c9a1d49235f5a56
SHA256

077bbb0a91bcd1236aa85c5d6fcbd42f711bf8f2a305f9ae64cb30d242c8fb8a
SHA512

8f4df958e1122e5f344e8d82342f83cf3cdd65084d2fbc4209823527440a8d0e65167fb57b891e92fb1d1824160b6d0953b44533f49f1f111426bce595679859
SSDEEP

24576:QbLgdriBSmMSirYbcMNgef0QeQjG/D8kIqRYEz6626M+vbOSSqTPVXmiH:QnPMSPbcBVQej/16x+TSqTdX1H

Score

10^/10

wannacry discovery ransomware worm

Malware Config

Targets

- Target
  
  077bbb0a91bcd1236aa85c5d6fcbd42f711bf8f2a305f9ae64cb30d242c8fb8a
- Size
  
  2.2MB
- MD5
  
  f180d23ede98f53a8dffd109ed624e85
- SHA1
  
  7755fe529f6c4ff88d3955269c9a1d49235f5a56
- SHA256
  
  077bbb0a91bcd1236aa85c5d6fcbd42f711bf8f2a305f9ae64cb30d242c8fb8a
- SHA512
  
  8f4df958e1122e5f344e8d82342f83cf3cdd65084d2fbc4209823527440a8d0e65167fb57b891e92fb1d1824160b6d0953b44533f49f1f111426bce595679859
- SSDEEP
  
  24576:QbLgdriBSmMSirYbcMNgef0QeQjG/D8kIqRYEz6626M+vbOSSqTPVXmiH:QnPMSPbcBVQej/16x+TSqTdX1H
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (2336) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1241) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm