General

  • Target

    2024-01-23_f781a2530457166fce271b8e3f7a680f_wannacry

  • Size

    5.0MB

  • Sample

    240123-yl7xpagha4

  • MD5

    f781a2530457166fce271b8e3f7a680f

  • SHA1

    beca4b6dc774e08ac6135f5e718becc195d34b3c

  • SHA256

    55c1ea00cf1e6f137afd952520e20e2dde12b9d2728bd799dc02597a0d5b2e6c

  • SHA512

    3d7c009c0510ef93b0c0be8e4a68bb690616faf81d285b7a2fb5f6e790fb668ac8ef37402faa370b4d4b9774f3958d0686f9624f076db8a47fadbce7a533d582

  • SSDEEP

    98304:CDqPoBhz1aRxcSUDk36SAEdhvxWa9P593tyAVl:CDqPe1Cxcxk3ZAEUadztycl

Targets

    • Target

      2024-01-23_f781a2530457166fce271b8e3f7a680f_wannacry

    • Modifies firewall policy service

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3303) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
