wannacry | 3d1cc5fb2fc37f326ff56e19fa2c4ffd2c92fd41ce1926e61382ed58c7d9ed48 | Triage

Submit
Reports

Overview

overview

Static

static

3

feae26f17d...18.dll

windows7-x64

feae26f17d...18.dll

windows10-2004-x64

Sharing

General

Target

feae26f17da20dcf2f3b92c1e1384b0c_JaffaCakes118
Size

5.0MB
Sample

240929-rcjeeazgrh
MD5

feae26f17da20dcf2f3b92c1e1384b0c
SHA1

d58885716ca1a85507ac84e7ce3c86b2633b8867
SHA256

3d1cc5fb2fc37f326ff56e19fa2c4ffd2c92fd41ce1926e61382ed58c7d9ed48
SHA512

e6ca1032fb166588b6361bc7456de2fe8904d69795b1a40c92b1bff000e34c38dedd4de6aa34db4d2ad9d6568b54243c1be7580a5512c71ff99adc2bf7edbcf2
SSDEEP

24576:RbLgurgDdmMSirYbcMNgef0QeQjGJASk+RdhAdmv:RnsEMSPbcBVQejJAARdhnv

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

feae26f17da20dcf2f3b92c1e1384b0c_JaffaCakes118.dll

Resource

win7-20240708-en

wannacry discovery ransomware worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

feae26f17da20dcf2f3b92c1e1384b0c_JaffaCakes118.dll

Resource

win10v2004-20240802-en

wannacry discovery ransomware worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  feae26f17da20dcf2f3b92c1e1384b0c_JaffaCakes118
- Size
  
  5.0MB
- MD5
  
  feae26f17da20dcf2f3b92c1e1384b0c
- SHA1
  
  d58885716ca1a85507ac84e7ce3c86b2633b8867
- SHA256
  
  3d1cc5fb2fc37f326ff56e19fa2c4ffd2c92fd41ce1926e61382ed58c7d9ed48
- SHA512
  
  e6ca1032fb166588b6361bc7456de2fe8904d69795b1a40c92b1bff000e34c38dedd4de6aa34db4d2ad9d6568b54243c1be7580a5512c71ff99adc2bf7edbcf2
- SSDEEP
  
  24576:RbLgurgDdmMSirYbcMNgef0QeQjGJASk+RdhAdmv:RnsEMSPbcBVQejJAARdhnv
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3269) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2025

Terms | Privacy