Overview

overview

10

Static

static

3

2024-07-27...ry.exe

windows7-x64

10

2024-07-27...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-07-27_67a057b9d5dc93bb0503e76d3f2c05d5_wannacry

  • Size

    5.0MB

  • Sample

    240727-mxv7gswajn

  • MD5

    67a057b9d5dc93bb0503e76d3f2c05d5

  • SHA1

    8c71e5ab6f8c3ecd397cfbea078131a580333b29

  • SHA256

    69f702e9b704bca24a4f8fbc15b337da09cf64e7706a55f1650ab87b83b52123

  • SHA512

    31576c84749f6fc0a3f98f56eab710b070446cf49682ca03a55499c70d8bc8664c9320063c6162148e6b59341b704f3077623eb056f8861c0a977fed799c56f6

  • SSDEEP

    98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9P51GJ7fOi0cFbyegt9UR6K6JcNHYPr:yDqPe1Cxcxk3ZAEUadcRuPr

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-07-27_67a057b9d5dc93bb0503e76d3f2c05d5_wannacry

    • Size

      5.0MB

    • MD5

      67a057b9d5dc93bb0503e76d3f2c05d5

    • SHA1

      8c71e5ab6f8c3ecd397cfbea078131a580333b29

    • SHA256

      69f702e9b704bca24a4f8fbc15b337da09cf64e7706a55f1650ab87b83b52123

    • SHA512

      31576c84749f6fc0a3f98f56eab710b070446cf49682ca03a55499c70d8bc8664c9320063c6162148e6b59341b704f3077623eb056f8861c0a977fed799c56f6

    • SSDEEP

      98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9P51GJ7fOi0cFbyegt9UR6K6JcNHYPr:yDqPe1Cxcxk3ZAEUadcRuPr

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3229) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks