wannacry | 0474576d4895d7649d7877702436063128e3ffd60ec451dc515e53e0f6c00e2c | Triage

Sharing

General

Target

2024-06-15_250968028930086c1e8e53c3369a285b_wannacry
Size

3.6MB
Sample

240615-aqakzssdra
MD5

250968028930086c1e8e53c3369a285b
SHA1

7baeb4fa31cd458aff1a73e09e35da013b7d030b
SHA256

0474576d4895d7649d7877702436063128e3ffd60ec451dc515e53e0f6c00e2c
SHA512

ec5fd5b0615572a33449c376afb7ad66eb0ed4d9614f514ab1c991ac454643f120e7cc312e6165d577c1a391fcf736eb8640bc80c13c59747103fc0dff427efa
SSDEEP

12288:GVbLgPlu+QhMbaIMu7L5N5b0Xo3LLFzTM8bQr28mw2:wbLgddQhfdmngBm

Score

10^/10

wannacry discovery ransomware worm

Malware Config

Targets

- Target
  
  2024-06-15_250968028930086c1e8e53c3369a285b_wannacry
- Size
  
  3.6MB
- MD5
  
  250968028930086c1e8e53c3369a285b
- SHA1
  
  7baeb4fa31cd458aff1a73e09e35da013b7d030b
- SHA256
  
  0474576d4895d7649d7877702436063128e3ffd60ec451dc515e53e0f6c00e2c
- SHA512
  
  ec5fd5b0615572a33449c376afb7ad66eb0ed4d9614f514ab1c991ac454643f120e7cc312e6165d577c1a391fcf736eb8640bc80c13c59747103fc0dff427efa
- SSDEEP
  
  12288:GVbLgPlu+QhMbaIMu7L5N5b0Xo3LLFzTM8bQr28mw2:wbLgddQhfdmngBm
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (2683) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

wannacrydiscoveryransomwareworm