wannacry | ec937edfe0ed71ad8db76127b3a578a5dbf4a43ac8d022b4376f7fc32d0feb37 | Triage

Submit
Reports

Overview

overview

Static

static

3

2024081954...ry.exe

windows7-x64

2024081954...ry.exe

windows10-2004-x64

Sharing

General

Target

2024081954872d3df889aa75ef5d90566b8beae6wannacry
Size

3.6MB
Sample

240819-l98gxaybpa
MD5

54872d3df889aa75ef5d90566b8beae6
SHA1

424f8a5341bb8da0dc97067327144214d05c0236
SHA256

ec937edfe0ed71ad8db76127b3a578a5dbf4a43ac8d022b4376f7fc32d0feb37
SHA512

01e015f645917737afad3aaa6b9380632da7b44b5617b448566e1410c0c562dd9c1a3ea712d10ce324fea79203283e4099ece90ccc49bb8a6a402499883c7d68
SSDEEP

98304:czqPoBhUk36SAEdhvxWa9P593R8yAVp2Hx:czqP3k3ZAEUadzR8yc4Hx

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024081954872d3df889aa75ef5d90566b8beae6wannacry.exe

Resource

win7-20240704-en

wannacry discovery ransomware worm

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024081954872d3df889aa75ef5d90566b8beae6wannacry.exe

Resource

win10v2004-20240802-en

wannacry discovery ransomware worm

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024081954872d3df889aa75ef5d90566b8beae6wannacry
- Size
  
  3.6MB
- MD5
  
  54872d3df889aa75ef5d90566b8beae6
- SHA1
  
  424f8a5341bb8da0dc97067327144214d05c0236
- SHA256
  
  ec937edfe0ed71ad8db76127b3a578a5dbf4a43ac8d022b4376f7fc32d0feb37
- SHA512
  
  01e015f645917737afad3aaa6b9380632da7b44b5617b448566e1410c0c562dd9c1a3ea712d10ce324fea79203283e4099ece90ccc49bb8a6a402499883c7d68
- SSDEEP
  
  98304:czqPoBhUk36SAEdhvxWa9P593R8yAVp2Hx:czqP3k3ZAEUadzR8yc4Hx
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3154) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2025

Terms | Privacy