Overview

overview

10

Static

static

3

2024-09-29...ry.exe

windows7-x64

10

2024-09-29...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-09-29_dab5be882a328c6d13589f410aebcfb7_wannacry

  • Size

    5.0MB

  • Sample

    240929-ly5lwayfqm

  • MD5

    dab5be882a328c6d13589f410aebcfb7

  • SHA1

    7a4b66e1bf15336114f58aa796fab159a1a7709c

  • SHA256

    2440e22c72810d285306f7cbd386f476bfb67b60dd2f5d8e5ba44b0279e3b6a2

  • SHA512

    ddbb7a6059b99e22ee9854d25df81a9a2b8e682bbabe38e094d942097aa57fc779d9f17e79bd9b3a19b5382a26ccf92b96a70f5cf9fec4eef88bd3320df0a24b

  • SSDEEP

    98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R:yDqPe1Cxcxk3ZAEUadzR

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-09-29_dab5be882a328c6d13589f410aebcfb7_wannacry

    • Size

      5.0MB

    • MD5

      dab5be882a328c6d13589f410aebcfb7

    • SHA1

      7a4b66e1bf15336114f58aa796fab159a1a7709c

    • SHA256

      2440e22c72810d285306f7cbd386f476bfb67b60dd2f5d8e5ba44b0279e3b6a2

    • SHA512

      ddbb7a6059b99e22ee9854d25df81a9a2b8e682bbabe38e094d942097aa57fc779d9f17e79bd9b3a19b5382a26ccf92b96a70f5cf9fec4eef88bd3320df0a24b

    • SSDEEP

      98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R:yDqPe1Cxcxk3ZAEUadzR

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3351) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks