Overview

overview

10

Static

static

3

50bc96d0df...eN.exe

windows7-x64

10

50bc96d0df...eN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    50bc96d0df9d2e13211d73c578808bb4fbf21471d3acd6401e43e600d278a9eeN

  • Size

    3.6MB

  • Sample

    241004-se64xsvbrg

  • MD5

    e5670e8159d0ae2d0c35235ecfaba450

  • SHA1

    69e895fb65c1d660abae74785026165d6cc4e386

  • SHA256

    50bc96d0df9d2e13211d73c578808bb4fbf21471d3acd6401e43e600d278a9ee

  • SHA512

    c57e7aca7015261596b0deb6d18235663bc3d16761d7eed4ce72e2a16ec34d52d3716c51bee76b844ac2fb67d8a7342249e956448c9cae64b9499fc47eff77d7

  • SSDEEP

    49152:2nAQqMSPbcBVF+TSqTdX1HkQo6SAARdhnvxJM0H9PA:yDqPoB3cSUDk36SAEdhvxWa9P

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      50bc96d0df9d2e13211d73c578808bb4fbf21471d3acd6401e43e600d278a9eeN

    • Size

      3.6MB

    • MD5

      e5670e8159d0ae2d0c35235ecfaba450

    • SHA1

      69e895fb65c1d660abae74785026165d6cc4e386

    • SHA256

      50bc96d0df9d2e13211d73c578808bb4fbf21471d3acd6401e43e600d278a9ee

    • SHA512

      c57e7aca7015261596b0deb6d18235663bc3d16761d7eed4ce72e2a16ec34d52d3716c51bee76b844ac2fb67d8a7342249e956448c9cae64b9499fc47eff77d7

    • SSDEEP

      49152:2nAQqMSPbcBVF+TSqTdX1HkQo6SAARdhnvxJM0H9PA:yDqPoB3cSUDk36SAEdhvxWa9P

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3295) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks