wannacry | 1dd001ef5ae3fdc07d44feae5246b23f199e01ce4f7e2b7dd5a354f7aea227fa | Triage

Submit
Reports

Overview

overview

Static

static

3

62186bebff...18.dll

windows7-x64

62186bebff...18.dll

windows10-2004-x64

Sharing

General

Target

62186bebffffcfafb1c70a8ff03fa317_JaffaCakes118
Size

5.0MB
Sample

240722-a2x6eswajl
MD5

62186bebffffcfafb1c70a8ff03fa317
SHA1

6fc4434a5fc48ef8c1792f8d7ca49cba14556378
SHA256

1dd001ef5ae3fdc07d44feae5246b23f199e01ce4f7e2b7dd5a354f7aea227fa
SHA512

8cb8d6f6e26cf4e5dd9a894025fe4c8063f3c13bf52a4b0faefcb27f1c95ec2121d9f8d3a4365da34483061d69f1c0da639fc7429a49e4091a2a35dac5775135
SSDEEP

49152:JnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARd:d8qPoBhz1aRxcSUDk36SAEd

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

62186bebffffcfafb1c70a8ff03fa317_JaffaCakes118.dll

Resource

win7-20240708-en

wannacry discovery ransomware worm

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

62186bebffffcfafb1c70a8ff03fa317_JaffaCakes118.dll

Resource

win10v2004-20240709-en

wannacry discovery ransomware worm

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  62186bebffffcfafb1c70a8ff03fa317_JaffaCakes118
- Size
  
  5.0MB
- MD5
  
  62186bebffffcfafb1c70a8ff03fa317
- SHA1
  
  6fc4434a5fc48ef8c1792f8d7ca49cba14556378
- SHA256
  
  1dd001ef5ae3fdc07d44feae5246b23f199e01ce4f7e2b7dd5a354f7aea227fa
- SHA512
  
  8cb8d6f6e26cf4e5dd9a894025fe4c8063f3c13bf52a4b0faefcb27f1c95ec2121d9f8d3a4365da34483061d69f1c0da639fc7429a49e4091a2a35dac5775135
- SSDEEP
  
  49152:JnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARd:d8qPoBhz1aRxcSUDk36SAEd
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3187) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy