Overview

overview

10

Static

static

3

2024-07-26...mi.exe

windows7-x64

10

2024-07-26...mi.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-07-26_b54375863d3a8947d39f959af777440a_wannacry_wapomi

  • Size

    260KB

  • Sample

    240726-2vn3qataqd

  • MD5

    b54375863d3a8947d39f959af777440a

  • SHA1

    57f6aab0f117546bee9a370f7ed391635fc4124f

  • SHA256

    1665694f0fa0461f34dee6ada7abd00e56c13405b942cead3a65feabf44b07fc

  • SHA512

    2c446c0e2d90ba7fbd19cf0b17bc1aa1058e5a8f30fef595b88544920f271633d5eb9d9cd318f6174b1f0ece1d90c92e82d770d8e45f06957c863d9930c663ac

  • SSDEEP

    3072:+mrhd5U1eigWcR+uiUg6p4FLlG4tlL8z+mmCeHFZjoHEo3NGCH:+Ed5+IZiZhLlG4AimmCC

Score
10/10
wannacryaspackv2discoveryransomwareworm

Malware Config

Targets

    • Target

      2024-07-26_b54375863d3a8947d39f959af777440a_wannacry_wapomi

    • Size

      260KB

    • MD5

      b54375863d3a8947d39f959af777440a

    • SHA1

      57f6aab0f117546bee9a370f7ed391635fc4124f

    • SHA256

      1665694f0fa0461f34dee6ada7abd00e56c13405b942cead3a65feabf44b07fc

    • SHA512

      2c446c0e2d90ba7fbd19cf0b17bc1aa1058e5a8f30fef595b88544920f271633d5eb9d9cd318f6174b1f0ece1d90c92e82d770d8e45f06957c863d9930c663ac

    • SSDEEP

      3072:+mrhd5U1eigWcR+uiUg6p4FLlG4tlL8z+mmCeHFZjoHEo3NGCH:+Ed5+IZiZhLlG4AimmCC

    Score
    10/10
    wannacryaspackv2discoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks