wannacry | ebfbd194883031576456db7493ae4bdbaabc49c0ae52a6b4a9954b36095a5c1d | Triage

Sharing

General

Target

2024-03-25_7c5ff2fabd4d992d98e0c1ceb88ab8c3_wannacry
Size

3.4MB
Sample

240325-ehrlrafe48
MD5

7c5ff2fabd4d992d98e0c1ceb88ab8c3
SHA1

18162b02658569bf49227ce463fc79be8912b1be
SHA256

ebfbd194883031576456db7493ae4bdbaabc49c0ae52a6b4a9954b36095a5c1d
SHA512

3157367565b08d840984a095134ec4194ffcd832256d60ed4c1a656be563dc5bd772e01a7259edccefff293b719a04eadbd5007a754cb0e231ab239fc04de6c6
SSDEEP

98304:QLPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2g3x:QLPe1Cxcxk3ZAEUadzR8yc4gB

Score

10^/10

wannacry discovery ransomware worm

Malware Config

Targets

- Target
  
  2024-03-25_7c5ff2fabd4d992d98e0c1ceb88ab8c3_wannacry
- Size
  
  3.4MB
- MD5
  
  7c5ff2fabd4d992d98e0c1ceb88ab8c3
- SHA1
  
  18162b02658569bf49227ce463fc79be8912b1be
- SHA256
  
  ebfbd194883031576456db7493ae4bdbaabc49c0ae52a6b4a9954b36095a5c1d
- SHA512
  
  3157367565b08d840984a095134ec4194ffcd832256d60ed4c1a656be563dc5bd772e01a7259edccefff293b719a04eadbd5007a754cb0e231ab239fc04de6c6
- SSDEEP
  
  98304:QLPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2g3x:QLPe1Cxcxk3ZAEUadzR8yc4gB
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Detects command variations typically used by ransomware
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm