Overview

overview

10

Static

static

3

2024082490...ry.exe

windows7-x64

10

2024082490...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024082490a1e06d78737b9a87e8ea42f76e2544wannacry

  • Size

    3.6MB

  • Sample

    240824-m55qwsydnn

  • MD5

    90a1e06d78737b9a87e8ea42f76e2544

  • SHA1

    785ddf8bd3add2da415cbc7c39aab7eb21407d20

  • SHA256

    e1bee0f7a7cd0ac8659033d9e67bfc83ae03843ed30dff8ca590f916604a6de7

  • SHA512

    40ee623eb975b3890d3e8260e76963d078a7734c040d4151fa0cf11fd6e2421f5ea609f67922a51c6df7a09f077087361586d5f40208bc97ee70531e2a3df5be

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:yDqPoBhz1aRxcSUDk36SAEdhvxWa9

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024082490a1e06d78737b9a87e8ea42f76e2544wannacry

    • Size

      3.6MB

    • MD5

      90a1e06d78737b9a87e8ea42f76e2544

    • SHA1

      785ddf8bd3add2da415cbc7c39aab7eb21407d20

    • SHA256

      e1bee0f7a7cd0ac8659033d9e67bfc83ae03843ed30dff8ca590f916604a6de7

    • SHA512

      40ee623eb975b3890d3e8260e76963d078a7734c040d4151fa0cf11fd6e2421f5ea609f67922a51c6df7a09f077087361586d5f40208bc97ee70531e2a3df5be

    • SSDEEP

      49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:yDqPoBhz1aRxcSUDk36SAEdhvxWa9

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3002) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks