Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-08-23_5feb524b16e77125ca39cea8663cf061_wannacry

  • Size

    3.6MB

  • Sample

    240823-qqv5paygnr

  • MD5

    5feb524b16e77125ca39cea8663cf061

  • SHA1

    a9df909ff44cefae2db5e70c19094b42cbd121e0

  • SHA256

    11db7bbf963678a44df09acefa2cb75a5580d8a02608867b07939895e1b3756f

  • SHA512

    6514a92c3ad20b291dd2e25eefc9f068fa7b584eefd53a45f3db7e662567ef478149b21071dfb13e203722d7234bcf455d1ea706ac7f28496ee7576028c8121b

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1IN/A6SAAgR8yAH1plAHI:yDqPoBhz1a/A6SApR8yAVp2HI

Malware Config

Targets

    • Target

      2024-08-23_5feb524b16e77125ca39cea8663cf061_wannacry

    • Size

      3.6MB

    • MD5

      5feb524b16e77125ca39cea8663cf061

    • SHA1

      a9df909ff44cefae2db5e70c19094b42cbd121e0

    • SHA256

      11db7bbf963678a44df09acefa2cb75a5580d8a02608867b07939895e1b3756f

    • SHA512

      6514a92c3ad20b291dd2e25eefc9f068fa7b584eefd53a45f3db7e662567ef478149b21071dfb13e203722d7234bcf455d1ea706ac7f28496ee7576028c8121b

    • SSDEEP

      49152:2nAQqMSPbcBVQej/1IN/A6SAAgR8yAH1plAHI:yDqPoBhz1a/A6SApR8yAVp2HI

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3209) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks