Analysis Overview
score
3/10
SHA256
adb41a37499a6f0f5b1e58b1973367dd34a695293dc1fed601c79d21fd0754c1
Threat Level: Likely benign
The file Ransomware.wannacry.exe.malz.7z was found to be: Likely benign.
Malicious Activity Summary
Unsigned PE
System Location Discovery: System Language Discovery
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-16 08:32
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-16 08:32
Reported
2024-11-16 08:33
Platform
win7-20240903-en
Max time kernel
16s
Max time network
17s
Command Line
"C:\Users\Admin\AppData\Local\Temp\Ransomware.wannacry.exe"
Signatures
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Ransomware.wannacry.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\Ransomware.wannacry.exe
"C:\Users\Admin\AppData\Local\Temp\Ransomware.wannacry.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | udp |
| US | 104.16.166.228:80 | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | tcp |
Files
N/A