wannacry | b0e67944726a2d7a14c9ce5fbfa1914b85666d547cc09118b278e89aeb5307cd | Triage

Submit
Reports

Overview

overview

Static

static

3

WannaCry.exe

windows7-x64

WannaCry.exe

windows10-2004-x64

Sharing

General

Target

WannaCry.exe
Size

623KB
Sample

240722-zj2hkaxgkq
MD5

eea571229a25bc2f5b59dce07c361cb2
SHA1

b341437a1f94d645e5628d8491f068de1a049fb9
SHA256

b0e67944726a2d7a14c9ce5fbfa1914b85666d547cc09118b278e89aeb5307cd
SHA512

1b52740a0fbbb26cd8ad94167b443a81761ba8d48ae9b2931c924a2dcacb3de1727faf12858714712e863cd8d4a6412780ee466e45765565e707422ace583fca
SSDEEP

12288:JzNGgFeDQ8sYnJl6+CIxNbMV6DqJ598Fu8l3hIX61Ho7:TGKUQ8sYJlFtMV6DqJ4u8lQ6S7

Score

10^/10

wannacry ransomware worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

WannaCry.exe

Resource

win7-20240708-en

wannacry ransomware worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

WannaCry.exe

Resource

win10v2004-20240709-en

wannacry ransomware worm

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  WannaCry.exe
- Size
  
  623KB
- MD5
  
  eea571229a25bc2f5b59dce07c361cb2
- SHA1
  
  b341437a1f94d645e5628d8491f068de1a049fb9
- SHA256
  
  b0e67944726a2d7a14c9ce5fbfa1914b85666d547cc09118b278e89aeb5307cd
- SHA512
  
  1b52740a0fbbb26cd8ad94167b443a81761ba8d48ae9b2931c924a2dcacb3de1727faf12858714712e863cd8d4a6412780ee466e45765565e707422ace583fca
- SSDEEP
  
  12288:JzNGgFeDQ8sYnJl6+CIxNbMV6DqJ598Fu8l3hIX61Ho7:TGKUQ8sYJlFtMV6DqJ4u8lQ6S7
Score

10^/10

wannacry ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

wannacryransomwareworm

behavioral2

wannacryransomwareworm

© 2018-2024

Terms | Privacy