Overview

overview

10

Static

static

3

2024-02-11...ry.exe

windows7-x64

10

2024-02-11...ry.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-02-11_11db58391a5f1ae56cb29e6e7c283efb_wannacry

  • Size

    3.6MB

  • Sample

    240211-qza6waag33

  • MD5

    11db58391a5f1ae56cb29e6e7c283efb

  • SHA1

    193afa6bd2e8b9aa4cec959a753892974d0aba0b

  • SHA256

    9c6797ad59f40084b0782574865198102d88f32edbf9cc6e7ed4742bb0b3e3e2

  • SHA512

    bb132af10716d9ce14279937ed3770c523e7012177e7272bf740e5abc783a94eba80c12061a27cd68df1f1d8a6cc37e90cfac9bed705deb972cc057b7e07c6b1

  • SSDEEP

    49152:2nAQqMSPbcBVB/1INRx+TSqTdX1HqMEcaEau3R8yAH1plAHI:yDqPoBD1aRxcSUDb93R8yAVp2HI

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-02-11_11db58391a5f1ae56cb29e6e7c283efb_wannacry

    • Size

      3.6MB

    • MD5

      11db58391a5f1ae56cb29e6e7c283efb

    • SHA1

      193afa6bd2e8b9aa4cec959a753892974d0aba0b

    • SHA256

      9c6797ad59f40084b0782574865198102d88f32edbf9cc6e7ed4742bb0b3e3e2

    • SHA512

      bb132af10716d9ce14279937ed3770c523e7012177e7272bf740e5abc783a94eba80c12061a27cd68df1f1d8a6cc37e90cfac9bed705deb972cc057b7e07c6b1

    • SSDEEP

      49152:2nAQqMSPbcBVB/1INRx+TSqTdX1HqMEcaEau3R8yAH1plAHI:yDqPoBD1aRxcSUDb93R8yAVp2HI

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3287) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks