Analysis

  • max time kernel
    46s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system
  • submitted
    28-05-2023 17:53

General

  • Target

    05894899.exe

  • Size

    3.6MB

  • MD5

    f8db667580cdaa9e33bdd5de9d766153

  • SHA1

    0c4a662548618bb027191803c93d2bb828d390be

  • SHA256

    cb11ca7f0afe82833d91792dc891a81088f1605c6cc029edecc21b4f433c0756

  • SHA512

    5d0ad490ea07b347729136a73633f22c7cf0afc157866eb1cdd2ec7d0c7b10a14ea4255958d7549ce7ac73a88d3d4099f707f0e2beac300e31340e5227d1c60b

  • SSDEEP

    98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2HI:yDqPe1Cxcxk3ZAEUadzR8yc4HI

Malware Config

Signatures

  • Wannacry

    WannaCry is a ransomware cryptoworm.

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 1 IoCs
  • Drops file in Windows directory 1 IoCs
  • Modifies data under HKEY_USERS 24 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\05894899.exe
    "C:\Users\Admin\AppData\Local\Temp\05894899.exe"
    1⤵
    • Drops file in Windows directory
    PID:1712
    • C:\WINDOWS\tasksche.exe
      C:\WINDOWS\tasksche.exe /i
      2⤵
      • Executes dropped EXE
      PID:1640
  • C:\Users\Admin\AppData\Local\Temp\05894899.exe
    C:\Users\Admin\AppData\Local\Temp\05894899.exe -m security
    1⤵
    • Drops file in System32 directory
    • Modifies data under HKEY_USERS
    PID:568

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Windows\tasksche.exe
    Filesize

    3.4MB

    MD5

    7d4b3e8d346bf22cb82da150791e19f3

    SHA1

    660f9eeb7fa31a66778963de86069a9f4b9a689c

    SHA256

    12049e97ab7e5577347c7e1893181c3cab2ed8aef6be3a1fe5891b3e81865c9e

    SHA512

    b4beab80c46a0abeaa9be674d376a5d1f8233eac77a7d0ad0b21f9a2037e070fef2fafbe95230ee20caaf39002e97cff498ce4d96ef2e9f8fe980773941c0618