Overview

overview

10

Static

static

3

2024-07-26...mi.exe

windows7-x64

10

2024-07-26...mi.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-07-26_365993523bec34003697feadee04ee6b_wannacry_wapomi

  • Size

    260KB

  • Sample

    240726-2nr6sssfqh

  • MD5

    365993523bec34003697feadee04ee6b

  • SHA1

    c71348b57574ac40672f9b281a55c4264a0d09d5

  • SHA256

    0cf532deb498ebd2a3d0e5c16bfefb0ce54840427fcaa9123d5d068f716783ad

  • SHA512

    e99ce2738c95197c4157c735e864bd2e8745d0bba3d11f2252f09e33326537b6e72f13a3d48f17441e7fe07049e43327b5ecc8f2e2395e6670f0b22e8e39872d

  • SSDEEP

    3072:+mrhd5U1eigWcR+uiUg6p4FLlG4tlL8z+mmCeHFZjoHEo32GCH:+Ed5+IZiZhLlG4AimmC1

Score
10/10
wannacryaspackv2discoveryransomwareworm

Malware Config

Targets

    • Target

      2024-07-26_365993523bec34003697feadee04ee6b_wannacry_wapomi

    • Size

      260KB

    • MD5

      365993523bec34003697feadee04ee6b

    • SHA1

      c71348b57574ac40672f9b281a55c4264a0d09d5

    • SHA256

      0cf532deb498ebd2a3d0e5c16bfefb0ce54840427fcaa9123d5d068f716783ad

    • SHA512

      e99ce2738c95197c4157c735e864bd2e8745d0bba3d11f2252f09e33326537b6e72f13a3d48f17441e7fe07049e43327b5ecc8f2e2395e6670f0b22e8e39872d

    • SSDEEP

      3072:+mrhd5U1eigWcR+uiUg6p4FLlG4tlL8z+mmCeHFZjoHEo32GCH:+Ed5+IZiZhLlG4AimmC1

    Score
    10/10
    wannacryaspackv2discoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks