wannacry | 278cc6e804a8c54e71c0ea8565fbe21ebbf2dad3a0bbe3bfe13c324292abe076 | Triage

Submit
Reports

Overview

overview

Static

static

3

835cbba608...18.dll

windows7-x64

835cbba608...18.dll

windows10-2004-x64

Sharing

General

Target

835cbba608ad354eeaf5671108d39450_JaffaCakes118
Size

5.0MB
Sample

240802-g82kra1bll
MD5

835cbba608ad354eeaf5671108d39450
SHA1

d3fa0e70ead6f25317d2ba822a04562422c205b7
SHA256

278cc6e804a8c54e71c0ea8565fbe21ebbf2dad3a0bbe3bfe13c324292abe076
SHA512

30e4e8a17105113e5bec76126b2f47534f94ce8dfc9af652a059809b55401f38af50473b060923c19e3434ad62eef696dabf408652b7254a70c421b68ffbf91c
SSDEEP

98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVtvH:+DqPe1Cxcxk3ZAEUadzR8yctvH

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

835cbba608ad354eeaf5671108d39450_JaffaCakes118.dll

Resource

win7-20240708-en

wannacry discovery ransomware worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

835cbba608ad354eeaf5671108d39450_JaffaCakes118.dll

Resource

win10v2004-20240730-en

wannacry discovery ransomware worm

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  835cbba608ad354eeaf5671108d39450_JaffaCakes118
- Size
  
  5.0MB
- MD5
  
  835cbba608ad354eeaf5671108d39450
- SHA1
  
  d3fa0e70ead6f25317d2ba822a04562422c205b7
- SHA256
  
  278cc6e804a8c54e71c0ea8565fbe21ebbf2dad3a0bbe3bfe13c324292abe076
- SHA512
  
  30e4e8a17105113e5bec76126b2f47534f94ce8dfc9af652a059809b55401f38af50473b060923c19e3434ad62eef696dabf408652b7254a70c421b68ffbf91c
- SSDEEP
  
  98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVtvH:+DqPe1Cxcxk3ZAEUadzR8yctvH
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3343) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2025

Terms | Privacy