c91b0e133ade231645d08ba9fa03fe3f3b971316513d725c6bdd1d45c09447a6 | Triage

Submit
Reports

Overview

overview

Static

static

2024-05-28...ry.exe

windows7-x64

9

2024-05-28...ry.exe

windows10-2004-x64

9

Sharing

General

Target

2024-05-28_dbd00ddc3271a18107e33634bd59290e_ngrbot_wannacry
Size

57KB
Sample

240528-y876zacc38
MD5

dbd00ddc3271a18107e33634bd59290e
SHA1

e0932e95d3617055ede7e4c0e89eef26c127a219
SHA256

c91b0e133ade231645d08ba9fa03fe3f3b971316513d725c6bdd1d45c09447a6
SHA512

5a8b77337168f02953645a61922ae93142bf02afc991f1a5d67293d00c50c0d3a01ddbac352fbd52314bb3e1988878c172afd191ee3a9423cfa2852d1fbc47e7
SSDEEP

768:kVfM7722n0Mnvqc/ndEP0wiu2R1Mm4/U76pURqO77xQ+VORH:2N2df/ndEmqUk+7xQ+Vs

Score

10^/10

defense_evasion execution impact ransomware

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-05-28_dbd00ddc3271a18107e33634bd59290e_ngrbot_wannacry.exe

Resource

win7-20240221-en

defense_evasion execution impact ransomware

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-28_dbd00ddc3271a18107e33634bd59290e_ngrbot_wannacry.exe

Resource

win10v2004-20240426-en

defense_evasion execution impact ransomware

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-28_dbd00ddc3271a18107e33634bd59290e_ngrbot_wannacry
- Size
  
  57KB
- MD5
  
  dbd00ddc3271a18107e33634bd59290e
- SHA1
  
  e0932e95d3617055ede7e4c0e89eef26c127a219
- SHA256
  
  c91b0e133ade231645d08ba9fa03fe3f3b971316513d725c6bdd1d45c09447a6
- SHA512
  
  5a8b77337168f02953645a61922ae93142bf02afc991f1a5d67293d00c50c0d3a01ddbac352fbd52314bb3e1988878c172afd191ee3a9423cfa2852d1fbc47e7
- SSDEEP
  
  768:kVfM7722n0Mnvqc/ndEP0wiu2R1Mm4/U76pURqO77xQ+VORH:2N2df/ndEmqUk+7xQ+Vs
Score

9^/10

defense_evasion execution impact ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware defense_evasion impact execution
- Detects command variations typically used by ransomware
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Windows Management Instrumentation

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

defense_evasionexecutionimpactransomware

behavioral2

defense_evasionexecutionimpactransomware

© 2018-2024

Terms | Privacy