Overview

overview

10

Static

static

3

2024-10-12...ry.exe

windows7-x64

10

2024-10-12...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-10-12_0077238064f7f71dd35e164f9dde8828_wannacry

  • Size

    2.2MB

  • Sample

    241012-e1gjhaxfmj

  • MD5

    0077238064f7f71dd35e164f9dde8828

  • SHA1

    4ac6074d2b57231a546481d3b209f9b173e0d2bd

  • SHA256

    4b721f99c5b9ee83b3e7b1927056985c7aae2f6e3fac0f0f3dc08cbd24ccb270

  • SHA512

    1242df145c5dc5f0cc768757c42a681e4114c2ee921e13dc7e771f6190b3396571f4f3663d4047a3e0fd41966bfe60c1d9d1c1607548f6f587f42e20e36114f9

  • SSDEEP

    24576:QbLguriIfEcQdIvrYbcMNgef0QeQjG/D8kIq9vn:QnpEjbcBVQej/5vn

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-10-12_0077238064f7f71dd35e164f9dde8828_wannacry

    • Size

      2.2MB

    • MD5

      0077238064f7f71dd35e164f9dde8828

    • SHA1

      4ac6074d2b57231a546481d3b209f9b173e0d2bd

    • SHA256

      4b721f99c5b9ee83b3e7b1927056985c7aae2f6e3fac0f0f3dc08cbd24ccb270

    • SHA512

      1242df145c5dc5f0cc768757c42a681e4114c2ee921e13dc7e771f6190b3396571f4f3663d4047a3e0fd41966bfe60c1d9d1c1607548f6f587f42e20e36114f9

    • SSDEEP

      24576:QbLguriIfEcQdIvrYbcMNgef0QeQjG/D8kIq9vn:QnpEjbcBVQej/5vn

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3292) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks