wannacry

Resubmissions

18-05-2024 01:17

240518-bnqpvsdb61 10

18-05-2024 00:01

240518-aa5q7aaa72 10

Sharing

Copy URL

Twitter E-mail

General

Target

52273974a0123165fa8fbd867fa6dce5_JaffaCakes118
Size

5.0MB
Sample

240518-bnqpvsdb61
MD5

52273974a0123165fa8fbd867fa6dce5
SHA1

35f1258534d55dd40ad036af00a7b82cb692843d
SHA256

022c9efcf232fdfabcfba1423deb8ade3a49ae6480bddd4d58b4ca712e2ebd02
SHA512

389091e8ebbbbeb2709bed52ee3cbb7149a8f4f283c49cbf35ccbc93437f3472a4c272ab401ca3f22eadcfce067bfde179a1be1a9dbf07aa6c8ea53506ca9744
SSDEEP

24576:SbLgddQhfdmMSirYbcMNgef0QeQjG/D8kIwQ2bYy:SnAQqMSPbcBVQej/

Score

10^/10

Malware Config

Targets

- Target
  
  52273974a0123165fa8fbd867fa6dce5_JaffaCakes118
- Size
  
  5.0MB
- MD5
  
  52273974a0123165fa8fbd867fa6dce5
- SHA1
  
  35f1258534d55dd40ad036af00a7b82cb692843d
- SHA256
  
  022c9efcf232fdfabcfba1423deb8ade3a49ae6480bddd4d58b4ca712e2ebd02
- SHA512
  
  389091e8ebbbbeb2709bed52ee3cbb7149a8f4f283c49cbf35ccbc93437f3472a4c272ab401ca3f22eadcfce067bfde179a1be1a9dbf07aa6c8ea53506ca9744
- SSDEEP
  
  24576:SbLgddQhfdmMSirYbcMNgef0QeQjG/D8kIwQ2bYy:SnAQqMSPbcBVQej/
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (2571) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

T1046

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Contacts a large (2571) amount of remote hosts

Executes dropped EXE

Creates a large amount of network flows

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2