General

  • Target: 2024-01-06_4f29080b27595a76a043e3ced310dc06_wannacry

  • Size: 5.0MB

  • Sample: 240107-pbjmnsdcem

  • MD5: 4f29080b27595a76a043e3ced310dc06

  • SHA1: 1012de56ec49f9190834712aa5790b22eda390cf

  • SHA256: 0ae1188b452f52be4da2569a84dc54ba859e2daa7a79417d4e8e0c50d4238f9e

  • SHA512: 40776890a6b4660104ab7836ad68890b5a07815a8b64a47b2b687d677f17f23b3f80c9f88fd99aae6491b4682e311a2a0eac0287e5bfc73a2aafee38bcb6eaf7

  • SSDEEP: 6144:GE9l9yUqIYVTH5DgSg8ajldktM0XXrP2QhMV9qbBLIwYQuy8D:GvbLgPlu+QhMbaIMu7

Targets

    • Target

      2024-01-06_4f29080b27595a76a043e3ced310dc06_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3246) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
