Overview

overview

10

Static

static

3

c3756f4b81...ex.exe

windows7-x64

10

c3756f4b81...ex.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    c3756f4b812538exeexeexeex.exe

  • Size

    3.6MB

  • Sample

    230710-ra24qsah83

  • MD5

    c3756f4b81253842599eb248560ec77c

  • SHA1

    f1c3157677b0a8ffb74038a5e5b7f0dd6947d698

  • SHA256

    977fad24c7d68202a24c954e3389c504b34e312ed31e2e2a2985ef2009591b7d

  • SHA512

    723fade4b237d3ce5b93b7a1816b59ba1a13002070a51134252c8e3786dbf04e80def0948569920a0c6268392726aa7bef062196a5b3679c264d25b763fa2369

  • SSDEEP

    49152:XnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdh:XDqPoBhz1aRxcSUDk36SAEdh

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      c3756f4b812538exeexeexeex.exe

    • Size

      3.6MB

    • MD5

      c3756f4b81253842599eb248560ec77c

    • SHA1

      f1c3157677b0a8ffb74038a5e5b7f0dd6947d698

    • SHA256

      977fad24c7d68202a24c954e3389c504b34e312ed31e2e2a2985ef2009591b7d

    • SHA512

      723fade4b237d3ce5b93b7a1816b59ba1a13002070a51134252c8e3786dbf04e80def0948569920a0c6268392726aa7bef062196a5b3679c264d25b763fa2369

    • SSDEEP

      49152:XnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdh:XDqPoBhz1aRxcSUDk36SAEdh

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3310) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Contacts a large (1554) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks