Overview

overview

10

Static

static

3

2024-07-23...ry.exe

windows7-x64

10

2024-07-23...ry.exe

windows10-2004-x64

10

Resubmissions

23-07-2024 13:42

240723-qz4s7awcme 10

23-07-2024 13:24

240723-qnkaeavfnf 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-07-23_970bc66e370b372a62deaaf7b9282259_wannacry

  • Size

    5.0MB

  • Sample

    240723-qnkaeavfnf

  • MD5

    970bc66e370b372a62deaaf7b9282259

  • SHA1

    e7469fa43364a5365743007ce461aefd607a5aa2

  • SHA256

    75b6f47db183bd4257be36c918c8894ad7932a927a9d63512ba207d3031ef69d

  • SHA512

    ee16d3c07e976db99f7520ed75b1a3b2ede1e1780a4c4a2afb22b52fe0b8b325007aba99a53553ea37e2d5195282610e77871546d531fd9d1ae1e340f3d6346e

  • SSDEEP

    49152:XnAQqMSPbcBVUx+TSqTdX1HkQo6SAARdhnv:XDqPoBWxcSUDk36SAEdhv

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-07-23_970bc66e370b372a62deaaf7b9282259_wannacry

    • Size

      5.0MB

    • MD5

      970bc66e370b372a62deaaf7b9282259

    • SHA1

      e7469fa43364a5365743007ce461aefd607a5aa2

    • SHA256

      75b6f47db183bd4257be36c918c8894ad7932a927a9d63512ba207d3031ef69d

    • SHA512

      ee16d3c07e976db99f7520ed75b1a3b2ede1e1780a4c4a2afb22b52fe0b8b325007aba99a53553ea37e2d5195282610e77871546d531fd9d1ae1e340f3d6346e

    • SSDEEP

      49152:XnAQqMSPbcBVUx+TSqTdX1HkQo6SAARdhnv:XDqPoBWxcSUDk36SAEdhv

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3200) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks