Overview

overview

10

Static

static

3

2024-06-23...ry.exe

windows7-x64

10

2024-06-23...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-06-23_b41496a6c3e634019030ac6798ca3711_wannacry

  • Size

    3.6MB

  • Sample

    240623-nhlvyayglb

  • MD5

    b41496a6c3e634019030ac6798ca3711

  • SHA1

    1ad0991f76e5ba2931ec0d4274a263d5d6eef10f

  • SHA256

    6d03ccb3ebf7533a3d530061a02c26dcbabe30672e12c252cdc763454a6080d2

  • SHA512

    4f47d23768043e6af198a766f982ada06b855e48a952654319fde9c1c6cebbe2803a89232aa5548e4401306c88ac2dc93ba4564122e5b5055fdb21f9e67101df

  • SSDEEP

    98304:1DqPoBhz1aRpcSUDk36SAEdhvxWa9P593R8yAV6R:1DqPe1Cpcxk3ZAEUadzR8yca

Score
10/10
wannacrydiscoveryevasionransomwareworm

Malware Config

Targets

    • Target

      2024-06-23_b41496a6c3e634019030ac6798ca3711_wannacry

    • Size

      3.6MB

    • MD5

      b41496a6c3e634019030ac6798ca3711

    • SHA1

      1ad0991f76e5ba2931ec0d4274a263d5d6eef10f

    • SHA256

      6d03ccb3ebf7533a3d530061a02c26dcbabe30672e12c252cdc763454a6080d2

    • SHA512

      4f47d23768043e6af198a766f982ada06b855e48a952654319fde9c1c6cebbe2803a89232aa5548e4401306c88ac2dc93ba4564122e5b5055fdb21f9e67101df

    • SSDEEP

      98304:1DqPoBhz1aRpcSUDk36SAEdhvxWa9P593R8yAV6R:1DqPe1Cpcxk3ZAEUadzR8yca

    Score
    10/10
    wannacrydiscoveryransomwarewormevasion

    • Modifies firewall policy service

      evasion

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3230) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks