Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-08-24_eaa606cdfcc53a3caceffa495edaa5fc_wannacry

  • Size

    3.6MB

  • Sample

    240824-a2df1sybjq

  • MD5

    eaa606cdfcc53a3caceffa495edaa5fc

  • SHA1

    777c85b6c9c313e31eed6dc0d617498716ae78f4

  • SHA256

    686f7f5b0de287261bb48ceadb2d1902579d1dfda82604fdeecf0844cac9a27e

  • SHA512

    7089d225f192d25407894953ed7771bf72330fce7fe7efd6fcc1fa27b568abc1cbdb23da5099994edb987810dce6a9a34ed53c842cc4443dd339a1f2aafbb604

  • SSDEEP

    49152:VnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAR:Z8qPoBhz1aRxcSUDk36SAE

Malware Config

Targets

    • Target

      2024-08-24_eaa606cdfcc53a3caceffa495edaa5fc_wannacry

    • Size

      3.6MB

    • MD5

      eaa606cdfcc53a3caceffa495edaa5fc

    • SHA1

      777c85b6c9c313e31eed6dc0d617498716ae78f4

    • SHA256

      686f7f5b0de287261bb48ceadb2d1902579d1dfda82604fdeecf0844cac9a27e

    • SHA512

      7089d225f192d25407894953ed7771bf72330fce7fe7efd6fcc1fa27b568abc1cbdb23da5099994edb987810dce6a9a34ed53c842cc4443dd339a1f2aafbb604

    • SSDEEP

      49152:VnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAR:Z8qPoBhz1aRxcSUDk36SAE

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3199) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks