Overview

overview

10

Static

static

3

2024-10-10...ry.exe

windows7-x64

10

2024-10-10...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-10-10_15d8410659fe6da185de97180cbbc78d_wannacry

  • Size

    2.2MB

  • Sample

    241010-3s8j1sybmp

  • MD5

    15d8410659fe6da185de97180cbbc78d

  • SHA1

    57acc5789902311059f6da41c4d42c895f6c5147

  • SHA256

    1aa4496971bd82e55bb830b7283423487becd1c73d0ea6ce2aceef3cfabb1eb7

  • SHA512

    6e855ce189e2f71d788021cca26e83f012159a05e989eebc6fc54fc2ee7a79ba657833cbf0334bbbb16d1d5e05e8d2b473a8b7006c7643ac16fc559f3b55518b

  • SSDEEP

    24576:QbLguriIfEcQdIVUacMNgef0QeQjG/D8kIqRYoAdNLKz6626M+vbOSSqTPVXmi:QnpEKUacBVQej/1INRx+TSqTdX1

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-10-10_15d8410659fe6da185de97180cbbc78d_wannacry

    • Size

      2.2MB

    • MD5

      15d8410659fe6da185de97180cbbc78d

    • SHA1

      57acc5789902311059f6da41c4d42c895f6c5147

    • SHA256

      1aa4496971bd82e55bb830b7283423487becd1c73d0ea6ce2aceef3cfabb1eb7

    • SHA512

      6e855ce189e2f71d788021cca26e83f012159a05e989eebc6fc54fc2ee7a79ba657833cbf0334bbbb16d1d5e05e8d2b473a8b7006c7643ac16fc559f3b55518b

    • SSDEEP

      24576:QbLguriIfEcQdIVUacMNgef0QeQjG/D8kIqRYoAdNLKz6626M+vbOSSqTPVXmi:QnpEKUacBVQej/1INRx+TSqTdX1

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3272) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks