Overview

overview

10

Static

static

3

2024-06-09...ry.exe

windows7-x64

10

2024-06-09...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-06-09_90015b0a0af2d7bd139bf30c20c831e9_wannacry

  • Size

    3.6MB

  • Sample

    240609-eqv9xadd8z

  • MD5

    90015b0a0af2d7bd139bf30c20c831e9

  • SHA1

    654b5a122a210bd646fe09526666dda53d74facb

  • SHA256

    ce5ecad1122fa825c92a6d011b04ac9fce24f5878ab30487504d2e52f4e5a530

  • SHA512

    b0e7c0a3abfa5aca2f73fda4ed3fbb7327fa0c5e37b466a209ff9061f5a9f5430da26e7ff0e91caa5cc85ca9b5e8fe64353ec70b2ccf5d7513d9e66f7eef3d4b

  • SSDEEP

    49152:OnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAY:6DqPoBhz1aRxcSUDk36SA

Score
10/10
wannacrydiscoveryevasionransomwareworm

Malware Config

Targets

    • Target

      2024-06-09_90015b0a0af2d7bd139bf30c20c831e9_wannacry

    • Size

      3.6MB

    • MD5

      90015b0a0af2d7bd139bf30c20c831e9

    • SHA1

      654b5a122a210bd646fe09526666dda53d74facb

    • SHA256

      ce5ecad1122fa825c92a6d011b04ac9fce24f5878ab30487504d2e52f4e5a530

    • SHA512

      b0e7c0a3abfa5aca2f73fda4ed3fbb7327fa0c5e37b466a209ff9061f5a9f5430da26e7ff0e91caa5cc85ca9b5e8fe64353ec70b2ccf5d7513d9e66f7eef3d4b

    • SSDEEP

      49152:OnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAY:6DqPoBhz1aRxcSUDk36SA

    Score
    10/10
    wannacrydiscoveryransomwarewormevasion

    • Modifies firewall policy service

      evasion

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3219) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in Drivers directory

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks