Overview

overview

10

Static

static

3

2024-09-28...ry.exe

windows7-x64

10

2024-09-28...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-09-28_0cced25124e874c9efd6eabb165999bf_wannacry

  • Size

    5.0MB

  • Sample

    240928-l2r5yszcpk

  • MD5

    0cced25124e874c9efd6eabb165999bf

  • SHA1

    d5e05b188e2a7c2e06e2b812ce6ed51b789b9e99

  • SHA256

    b89898229701729ad9cab038de211658ff37fdc3e8899c08b1410fc068f7c60d

  • SHA512

    9cf3860c5d1ff61e5c72832939535587e73fdfaee707781841eaca4d2d80551172cf7f5acaf409b7813f9bdc23858cd5aca4a01118ee713349fc3d14b5e8e619

  • SSDEEP

    49152:VnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6S:Z8qPoBhz1aRxcSUDk36S

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-09-28_0cced25124e874c9efd6eabb165999bf_wannacry

    • Size

      5.0MB

    • MD5

      0cced25124e874c9efd6eabb165999bf

    • SHA1

      d5e05b188e2a7c2e06e2b812ce6ed51b789b9e99

    • SHA256

      b89898229701729ad9cab038de211658ff37fdc3e8899c08b1410fc068f7c60d

    • SHA512

      9cf3860c5d1ff61e5c72832939535587e73fdfaee707781841eaca4d2d80551172cf7f5acaf409b7813f9bdc23858cd5aca4a01118ee713349fc3d14b5e8e619

    • SSDEEP

      49152:VnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6S:Z8qPoBhz1aRxcSUDk36S

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3345) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks