wannacry | 74609a495eeaae9953d8c5cb66bd8ac3c8b955e005506252eabf4d3e4dbc422f | Triage

Submit
Reports

Overview

overview

Static

static

3

486f3b0c2d...18.dll

windows10-2004-x64

Resubmissions

15-07-2024 05:50

240715-gj2jfstfng 10

15-07-2024 05:49

240715-gjjnms1clk 10

15-07-2024 05:46

240715-ggp3mstenf 10

15-07-2024 05:45

240715-gfpeqatekc 10

15-07-2024 05:34

240715-f9qzzatblb 10

Sharing

General

Target

486f3b0c2d9fc55d6069c0f76c7d741e_JaffaCakes118
Size

5.0MB
Sample

240715-gj2jfstfng
MD5

486f3b0c2d9fc55d6069c0f76c7d741e
SHA1

dc32bd56935cb12c458cd2cb0aa0456c43c4e521
SHA256

74609a495eeaae9953d8c5cb66bd8ac3c8b955e005506252eabf4d3e4dbc422f
SHA512

2829527cf90924fec17e9145b665a6fb9c7f24699c45fbc122f49ec6f59cc8abb7f09deddfcee461a70ee5464ccee9c334acea953f2dacb006f77d92755c71b7
SSDEEP

98304:6DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp21:6DqPe1Cxcxk3ZAEUadzR8yc41

Score

10^/10

wannacry discovery evasion ransomware worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

486f3b0c2d9fc55d6069c0f76c7d741e_JaffaCakes118.dll

Resource

win10v2004-20240709-en

wannacry discovery evasion ransomware worm

windows10-2004-x64

22 signatures

150 seconds

Malware Config

Targets

- Target
  
  486f3b0c2d9fc55d6069c0f76c7d741e_JaffaCakes118
- Size
  
  5.0MB
- MD5
  
  486f3b0c2d9fc55d6069c0f76c7d741e
- SHA1
  
  dc32bd56935cb12c458cd2cb0aa0456c43c4e521
- SHA256
  
  74609a495eeaae9953d8c5cb66bd8ac3c8b955e005506252eabf4d3e4dbc422f
- SHA512
  
  2829527cf90924fec17e9145b665a6fb9c7f24699c45fbc122f49ec6f59cc8abb7f09deddfcee461a70ee5464ccee9c334acea953f2dacb006f77d92755c71b7
- SSDEEP
  
  98304:6DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp21:6DqPe1Cxcxk3ZAEUadzR8yc41
Score

10^/10

wannacry discovery evasion ransomware worm
- Modifies firewall policy service
  evasion
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (1023) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in Drivers directory
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryevasionransomwareworm

© 2018-2025

Terms | Privacy