Overview

overview

10

Static

static

3

2024-08-10...ry.exe

windows7-x64

10

2024-08-10...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-10_3da0dae27549f2b5d26a8d7e167f6be8_wannacry

  • Size

    5.0MB

  • Sample

    240810-nm3dgs1gjc

  • MD5

    3da0dae27549f2b5d26a8d7e167f6be8

  • SHA1

    8919083b986a07e5a076ff998c7586bba7f9df2f

  • SHA256

    b425adf228e64af0741c8838cb8ec6b22f0828ae37733f5eaf77a25d01f06adc

  • SHA512

    4ae8c82072ea607fbf056f5f19ab91caa80c9dad4d90bda4a2813132164dc90448be23f73f69f38bd2bee153e5ccbd163d424e701d0ffb27d4ce1d0752fb43d8

  • SSDEEP

    24576:0bLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626M+vbOSSqTPVXmiH:0nAQqMSPbcBVQej/1INRx+TSqTdX1H

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-08-10_3da0dae27549f2b5d26a8d7e167f6be8_wannacry

    • Size

      5.0MB

    • MD5

      3da0dae27549f2b5d26a8d7e167f6be8

    • SHA1

      8919083b986a07e5a076ff998c7586bba7f9df2f

    • SHA256

      b425adf228e64af0741c8838cb8ec6b22f0828ae37733f5eaf77a25d01f06adc

    • SHA512

      4ae8c82072ea607fbf056f5f19ab91caa80c9dad4d90bda4a2813132164dc90448be23f73f69f38bd2bee153e5ccbd163d424e701d0ffb27d4ce1d0752fb43d8

    • SSDEEP

      24576:0bLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626M+vbOSSqTPVXmiH:0nAQqMSPbcBVQej/1INRx+TSqTdX1H

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3163) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks