Overview

overview

10

Static

static

3

2024-08-12...ry.exe

windows7-x64

10

2024-08-12...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-12_8e26e1260f667ec4524d800871c5a2ee_wannacry

  • Size

    5.0MB

  • Sample

    240812-mz9gwsxhlp

  • MD5

    8e26e1260f667ec4524d800871c5a2ee

  • SHA1

    e813831f10bcc005fd8af40ac1d7917717e8b653

  • SHA256

    51c8847b8f3a3437675ab207d5b2ecc8f96a5c194af50e5296587b28157a8353

  • SHA512

    1eb87f76a9bab00377d8549299f1ebb6ae92e9a030b912ce561c1c33e8fa0503de91bb89a2d088e92db89fd59011fb44f47feb0ed7e479db9b2faf3e42453eb5

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAc:yDqPoBhz1aRxcSUDk36SAd

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-08-12_8e26e1260f667ec4524d800871c5a2ee_wannacry

    • Size

      5.0MB

    • MD5

      8e26e1260f667ec4524d800871c5a2ee

    • SHA1

      e813831f10bcc005fd8af40ac1d7917717e8b653

    • SHA256

      51c8847b8f3a3437675ab207d5b2ecc8f96a5c194af50e5296587b28157a8353

    • SHA512

      1eb87f76a9bab00377d8549299f1ebb6ae92e9a030b912ce561c1c33e8fa0503de91bb89a2d088e92db89fd59011fb44f47feb0ed7e479db9b2faf3e42453eb5

    • SSDEEP

      49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAc:yDqPoBhz1aRxcSUDk36SAd

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3266) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks