Overview

overview

10

Static

static

3

2024-07-04...ry.exe

windows7-x64

10

2024-07-04...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-07-04_f125b96600cc95e4d4f6e3fc4a6fff47_wannacry

  • Size

    5.0MB

  • Sample

    240704-p3n2gayhpf

  • MD5

    f125b96600cc95e4d4f6e3fc4a6fff47

  • SHA1

    b1ae7a28971dca3f3f1034c2471f797e5dfef6de

  • SHA256

    f9488380f518f065fceedc417885f79fa90fce648fb7d1e6684cc7c20d1ef97e

  • SHA512

    9f7a2d706f6c80f876684d50e72419e891130d25dd8f042a3f9b0ca370a6b1d96364ed14bb828c08f36b153df16160bef2e30215d2ee753047ee522e7b971330

  • SSDEEP

    49152:VnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:Z8qPoBhz1aRxcSUDk36SAEdhvxWa9

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-07-04_f125b96600cc95e4d4f6e3fc4a6fff47_wannacry

    • Size

      5.0MB

    • MD5

      f125b96600cc95e4d4f6e3fc4a6fff47

    • SHA1

      b1ae7a28971dca3f3f1034c2471f797e5dfef6de

    • SHA256

      f9488380f518f065fceedc417885f79fa90fce648fb7d1e6684cc7c20d1ef97e

    • SHA512

      9f7a2d706f6c80f876684d50e72419e891130d25dd8f042a3f9b0ca370a6b1d96364ed14bb828c08f36b153df16160bef2e30215d2ee753047ee522e7b971330

    • SSDEEP

      49152:VnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:Z8qPoBhz1aRxcSUDk36SAEdhvxWa9

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3358) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks