Overview

overview

10

Static

static

3

2024-08-15...ry.exe

windows7-x64

10

2024-08-15...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-15_709b90910576deaea98d6bf5efcbe218_wannacry

  • Size

    5.0MB

  • Sample

    240815-lj9bhsweqf

  • MD5

    709b90910576deaea98d6bf5efcbe218

  • SHA1

    d7e8b7643426f3e568d4c25e0e536932a36f2e3c

  • SHA256

    a37e08171a85f09fd22b97cb8606284e2d3a023fe75eb0208bd64add343d9976

  • SHA512

    150659bb3bb2c180264733e2b7b9efa3c2e96c6f20476727bc7e27112895a37bfb4c39699182d98e41657b418ea001351a552cbaf1214ced9570e392d645eb6b

  • SSDEEP

    98304:bDqPoBhz1aRxcSUDk36SAEdhvxWa9wp2H:bDqPe1Cxcxk3ZAEUaq4H

Score
10/10
wannacrydiscoveryevasionransomwareworm

Malware Config

Targets

    • Target

      2024-08-15_709b90910576deaea98d6bf5efcbe218_wannacry

    • Size

      5.0MB

    • MD5

      709b90910576deaea98d6bf5efcbe218

    • SHA1

      d7e8b7643426f3e568d4c25e0e536932a36f2e3c

    • SHA256

      a37e08171a85f09fd22b97cb8606284e2d3a023fe75eb0208bd64add343d9976

    • SHA512

      150659bb3bb2c180264733e2b7b9efa3c2e96c6f20476727bc7e27112895a37bfb4c39699182d98e41657b418ea001351a552cbaf1214ced9570e392d645eb6b

    • SSDEEP

      98304:bDqPoBhz1aRxcSUDk36SAEdhvxWa9wp2H:bDqPe1Cxcxk3ZAEUaq4H

    Score
    10/10
    wannacrydiscoveryransomwarewormevasion

    • Modifies firewall policy service

      evasion

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3189) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks