General
-
Target
Ransomware.WannaCry_Plus.zip
-
Size
2.3MB
-
Sample
240911-fjgzdatdkr
-
MD5
5641d280a62b66943bf2d05a72a972c7
-
SHA1
c857f1162c316a25eeff6116e249a97b59538585
-
SHA256
ab14c3f5741c06ad40632447b2fc10662d151afb32066a507aab4ec866ffd488
-
SHA512
0633bc32fa6d31b4c6f04171002ad5da6bb83571b9766e5c8d81002037b4bc96e86eb059d35cf5ce17a1a75767461ba5ac0a89267c3d0e5ce165719ca2af1752
-
SSDEEP
49152:9mqR0GTCRh8C9PYUYwm79evoBD2HSypKLZ5u/KU940CwmWtSQX5ddmL6T:RA8GY3b9ev62yypKLlUVCpSSQX5ddmeT
Static task
static1
Behavioral task
behavioral1
Sample
Win32.Wannacry.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
Win32.Wannacry.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
Win32.Wannacry.exe
-
Size
5.0MB
-
MD5
30fe2f9a048d7a734c8d9233f64810ba
-
SHA1
2027a053de21bd5c783c3f823ed1d36966780ed4
-
SHA256
55504677f82981962d85495231695d3a92aa0b31ec35a957bd9cbbef618658e3
-
SHA512
b657b02506f768db3255293b0c86452b4dfdd30804629c323aaa9510a3b637b0906e5963179ef7d4aaedc14646f2be2b4292e6584a6c55c6ddb596cff7f20e2a
-
SSDEEP
49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:+DqPoBhz1aRxcSUDk36SAEdhvxWa9
Score10/10-
Contacts a large (816) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Drops file in System32 directory
-