wannacry | 5dc34334e1659157e333724d2b5d527f07876198b526e7d7f004608ac4bf7aba | Triage

Sharing

General

Target

5dc34334e1659157e333724d2b5d527f07876198b526e7d7f004608ac4bf7abaN
Size

5.0MB
Sample

241030-p2e26svndq
MD5

00562ef267ef4234c23d8a6857c9ddd0
SHA1

4277411f9a7ed7a7e94ed8d398e12d319d8a0fc4
SHA256

5dc34334e1659157e333724d2b5d527f07876198b526e7d7f004608ac4bf7aba
SHA512

cb449ad7ebc3ad984a9fbc37495e5868d261df5c69e2068804b03a1617ee197350f51440b4f08bdb60677180da95e024a2bae5f3261cbd0cc927fcf01c0b8615
SSDEEP

49152:QnhqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:QhqPoBhz1aRxcSUDk36SA

Score

10^/10

wannacry discovery ransomware worm

Malware Config

Targets

- Target
  
  5dc34334e1659157e333724d2b5d527f07876198b526e7d7f004608ac4bf7abaN
- Size
  
  5.0MB
- MD5
  
  00562ef267ef4234c23d8a6857c9ddd0
- SHA1
  
  4277411f9a7ed7a7e94ed8d398e12d319d8a0fc4
- SHA256
  
  5dc34334e1659157e333724d2b5d527f07876198b526e7d7f004608ac4bf7aba
- SHA512
  
  cb449ad7ebc3ad984a9fbc37495e5868d261df5c69e2068804b03a1617ee197350f51440b4f08bdb60677180da95e024a2bae5f3261cbd0cc927fcf01c0b8615
- SSDEEP
  
  49152:QnhqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:QhqPoBhz1aRxcSUDk36SA
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Wannacry family
  wannacry
- Contacts a large (1303) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm