Overview

overview

10

Static

static

3

ae12bb54af...5e.dll

windows7-x64

10

ae12bb54af...5e.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sample2.zip

  • Size

    3.4MB

  • Sample

    240706-s7l98atclm

  • MD5

    1d25f13d93b8225ec6fad14d868025ef

  • SHA1

    f38b28eecc5a88ae3cc147f6e953c5f34514568a

  • SHA256

    341a06e1cc43962efe30ea6928b5bedd2b4a4aed1044be921392708965557267

  • SHA512

    069768c64cc7c4df1ea7779ebc8343b4252de7d826df4178e9a2f98204dcfe559f917d05003fc8e73965a94dcec6f888a959ef354944237773e0251495a3f88b

  • SSDEEP

    49152:kZMGCbEeTLYkzDfXjBcIS3svKJZpoiOMMhTqrN4NGH+nH5T9jV9HKtRwqrk:kZ9OEeTLffw8mpg8N4NGaZJWXdk

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      ae12bb54af31227017feffd9598a6f5e

    • Size

      5.0MB

    • MD5

      ae12bb54af31227017feffd9598a6f5e

    • SHA1

      f597a1cc16d42b7f02e077696e067cd3030a06d9

    • SHA256

      c05e2dab77349cd639aa837e7e121710b8a0718d8fc93fb4cc6458ae90e5c597

    • SHA512

      a80b1cc70cafff3b8edb2e732fa2360436cc7556ba91977ab1fa505ad7c6e184c465839d1584f827be17ccb751240432348debe69eed4e006321d9af4334621b

    • SSDEEP

      98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:+DqPe1Cxcxk3ZAEUadzR8yc4H

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3038) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks