Overview

overview

10

Static

static

3

2023-05-11...ry.exe

windows7-x64

10

2023-05-11...ry.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2023-05-11_6495bcf259b484222dc8b48f7cacd74d_wannacry

  • Size

    5.0MB

  • Sample

    230512-dcy8zabe48

  • MD5

    6495bcf259b484222dc8b48f7cacd74d

  • SHA1

    a64d03f09fb2bc90f88531ae60117bbc6285b409

  • SHA256

    3028859db5b62aea55e484640681104640f41cb4535b6c347df4d88fcce6ec59

  • SHA512

    faebe1f6e1bac779de020c180322719a3ee7aef12cfd6e0c7f486fdad2be359f5f7633cf100e0836215fa216dd7946360e1bceb769b3d9756768969f202bf75c

  • SSDEEP

    98304:XDqPoBhz1aRxcSUDk36SAEdhvxWa9P5AR8yAVp2H:XDqPe1Cxcxk3ZAEUadqR8yc4H

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2023-05-11_6495bcf259b484222dc8b48f7cacd74d_wannacry

    • Size

      5.0MB

    • MD5

      6495bcf259b484222dc8b48f7cacd74d

    • SHA1

      a64d03f09fb2bc90f88531ae60117bbc6285b409

    • SHA256

      3028859db5b62aea55e484640681104640f41cb4535b6c347df4d88fcce6ec59

    • SHA512

      faebe1f6e1bac779de020c180322719a3ee7aef12cfd6e0c7f486fdad2be359f5f7633cf100e0836215fa216dd7946360e1bceb769b3d9756768969f202bf75c

    • SSDEEP

      98304:XDqPoBhz1aRxcSUDk36SAEdhvxWa9P5AR8yAVp2H:XDqPe1Cxcxk3ZAEUadqR8yc4H

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3253) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Contacts a large (1459) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks