wannacry | 6a02333d5f733211d62775715e14c413403bf7bcec6f20285cdb06fb2e48edab | Triage

Resubmissions

09-11-2024 15:52

241109-tbkxyszpcj 10

09-11-2024 13:53

241109-q7a6vawapp 10

Sharing

General

Target

2024-11-09_a725090d3e50e3e0509db10807ce65e3_wannacry
Size

5.0MB
Sample

241109-q7a6vawapp
MD5

a725090d3e50e3e0509db10807ce65e3
SHA1

b998ac615250752c9f5d08b784ace6aacc0dbf83
SHA256

6a02333d5f733211d62775715e14c413403bf7bcec6f20285cdb06fb2e48edab
SHA512

833bcce4a359698dac3a8260ec9e88adfac57c3a141417e2eda3820353afaaa9a04fdcc1947c55bfe1dfaad95c1f56b4f279fb4aa95ef33a1b4a59f7cd160a18
SSDEEP

49152:ZnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9PAMEc:t8qPoBhz1aRxcSUDk36SAEdhvxWa9P5

Score

10^/10

wannacry discovery ransomware worm

Malware Config

Targets

- Target
  
  2024-11-09_a725090d3e50e3e0509db10807ce65e3_wannacry
- Size
  
  5.0MB
- MD5
  
  a725090d3e50e3e0509db10807ce65e3
- SHA1
  
  b998ac615250752c9f5d08b784ace6aacc0dbf83
- SHA256
  
  6a02333d5f733211d62775715e14c413403bf7bcec6f20285cdb06fb2e48edab
- SHA512
  
  833bcce4a359698dac3a8260ec9e88adfac57c3a141417e2eda3820353afaaa9a04fdcc1947c55bfe1dfaad95c1f56b4f279fb4aa95ef33a1b4a59f7cd160a18
- SSDEEP
  
  49152:ZnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9PAMEc:t8qPoBhz1aRxcSUDk36SAEdhvxWa9P5
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Wannacry family
  wannacry
- Contacts a large (3141) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm