Overview

overview

10

Static

static

3

2024-05-13...ry.exe

windows7-x64

10

2024-05-13...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-13_0ac20526d102551f59b706c6fb69b955_wannacry

  • Size

    3.6MB

  • Sample

    240513-z78a1sec2z

  • MD5

    0ac20526d102551f59b706c6fb69b955

  • SHA1

    7a6902116f2cbd227552812eb7247c75aadfe6f0

  • SHA256

    22fe1c9d7a5f977680c663371b6f6fc569d717d1e6f9e05adee08132f79e3b94

  • SHA512

    1d59cac2356c2b7ee3a45df31c8d011e5e6386cf1c034b2e18ee5669486630028ecf5b4f56b67b2fdc83c7ef89c8ccf4e9891679dc8753ea29572a881a2d8222

  • SSDEEP

    12288:GQbLgmluyQhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+DHeQYSUjEXFW:tbLguVQhfdmMSirYbcMNgef0QeQjG/

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-05-13_0ac20526d102551f59b706c6fb69b955_wannacry

    • Size

      3.6MB

    • MD5

      0ac20526d102551f59b706c6fb69b955

    • SHA1

      7a6902116f2cbd227552812eb7247c75aadfe6f0

    • SHA256

      22fe1c9d7a5f977680c663371b6f6fc569d717d1e6f9e05adee08132f79e3b94

    • SHA512

      1d59cac2356c2b7ee3a45df31c8d011e5e6386cf1c034b2e18ee5669486630028ecf5b4f56b67b2fdc83c7ef89c8ccf4e9891679dc8753ea29572a881a2d8222

    • SSDEEP

      12288:GQbLgmluyQhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+DHeQYSUjEXFW:tbLguVQhfdmMSirYbcMNgef0QeQjG/

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3151) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks