Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-09-27_2dd0ad0d055e1b487ad92750f78fc75d_wannacry

  • Size

    3.6MB

  • Sample

    240927-veze7asbkr

  • MD5

    2dd0ad0d055e1b487ad92750f78fc75d

  • SHA1

    d0bc863ced81c93c0a40f62ca9a67a98558a2227

  • SHA256

    7837231c89e52635554a867eb5274fa4c1c9149d92b6d09435baf5b6f964d86b

  • SHA512

    538bed3012e7f9846d5d67193270839c3e1c501b65c7aeb0009523126d33d7227b7a699b4008a5bdf96b3847bbe416072b773612af6d9bd06fb3b2a711570146

  • SSDEEP

    98304:ZDqPoBhz1aRxcSUDk36SAEdhvxWa9P592c/Jf:ZDqPe1Cxcxk3ZAEUadN1

Malware Config

Targets

    • Target

      2024-09-27_2dd0ad0d055e1b487ad92750f78fc75d_wannacry

    • Size

      3.6MB

    • MD5

      2dd0ad0d055e1b487ad92750f78fc75d

    • SHA1

      d0bc863ced81c93c0a40f62ca9a67a98558a2227

    • SHA256

      7837231c89e52635554a867eb5274fa4c1c9149d92b6d09435baf5b6f964d86b

    • SHA512

      538bed3012e7f9846d5d67193270839c3e1c501b65c7aeb0009523126d33d7227b7a699b4008a5bdf96b3847bbe416072b773612af6d9bd06fb3b2a711570146

    • SSDEEP

      98304:ZDqPoBhz1aRxcSUDk36SAEdhvxWa9P592c/Jf:ZDqPe1Cxcxk3ZAEUadN1

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3319) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks