Overview

overview

10

Static

static

3

2024-11-12...ry.exe

windows7-x64

10

2024-11-12...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-12_70b52d2bf5192eaebd53e883ffa9c35c_wannacry

  • Size

    3.6MB

  • Sample

    241112-twtetswglk

  • MD5

    70b52d2bf5192eaebd53e883ffa9c35c

  • SHA1

    32c92daddbf55b011772ee707bc7ca6e6e8f6d6b

  • SHA256

    28f5e48871e37772162ca2d9ef5ba905a65ee894aa518a63f26221ae9dda195e

  • SHA512

    80ad800047fb57af599991fc8bc295b0c9a36a3bf59f2492cf82b06afdadaa62b9377c5f24eb04ba2d3bc867d5816e7ad9eb5cd367d84863b0e99f5d51f50d7b

  • SSDEEP

    49152:XnAQHMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnv:XDHPoBhz1aRxcSUDk36SAEdhv

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-11-12_70b52d2bf5192eaebd53e883ffa9c35c_wannacry

    • Size

      3.6MB

    • MD5

      70b52d2bf5192eaebd53e883ffa9c35c

    • SHA1

      32c92daddbf55b011772ee707bc7ca6e6e8f6d6b

    • SHA256

      28f5e48871e37772162ca2d9ef5ba905a65ee894aa518a63f26221ae9dda195e

    • SHA512

      80ad800047fb57af599991fc8bc295b0c9a36a3bf59f2492cf82b06afdadaa62b9377c5f24eb04ba2d3bc867d5816e7ad9eb5cd367d84863b0e99f5d51f50d7b

    • SSDEEP

      49152:XnAQHMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnv:XDHPoBhz1aRxcSUDk36SAEdhv

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3238) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks