Overview

overview

10

Static

static

3

3c6433fe31...6c.dll

windows7-x64

10

3c6433fe31...6c.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3c6433fe316f20bdba715677dfe8205e57a3c166b41712251f21f6d12287a16c

  • Size

    5.0MB

  • Sample

    240721-m4pchs1bnp

  • MD5

    3c63f9be8f7752de7f002ed0c3bdfddf

  • SHA1

    7a0c5379a5e6ed41a8240e7f0e2005b1cd58d500

  • SHA256

    3c6433fe316f20bdba715677dfe8205e57a3c166b41712251f21f6d12287a16c

  • SHA512

    9b0ad7f482f709811a6febae0ce4f22baf2e6151f5684e072805affea866a874b8759823d6abcddcc9aa322fe3b5363aa6e1bf9da39052fe56a7105a79a1c782

  • SSDEEP

    98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2:+DqPe1Cxcxk3ZAEUadzR8yc4

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      3c6433fe316f20bdba715677dfe8205e57a3c166b41712251f21f6d12287a16c

    • Size

      5.0MB

    • MD5

      3c63f9be8f7752de7f002ed0c3bdfddf

    • SHA1

      7a0c5379a5e6ed41a8240e7f0e2005b1cd58d500

    • SHA256

      3c6433fe316f20bdba715677dfe8205e57a3c166b41712251f21f6d12287a16c

    • SHA512

      9b0ad7f482f709811a6febae0ce4f22baf2e6151f5684e072805affea866a874b8759823d6abcddcc9aa322fe3b5363aa6e1bf9da39052fe56a7105a79a1c782

    • SSDEEP

      98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2:+DqPe1Cxcxk3ZAEUadzR8yc4

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3247) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks