Overview

overview

10

Static

static

3

2024-11-30...ry.exe

windows7-x64

10

2024-11-30...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-30_beb8ef1e34159921a4142a7085a9113f_wannacry

  • Size

    5.0MB

  • Sample

    241130-qgclzsypgp

  • MD5

    beb8ef1e34159921a4142a7085a9113f

  • SHA1

    e1513e66863ed7e9d1d7a552b9682142bd577e92

  • SHA256

    f30e470b0ae4042bb00424bc717624190905678055af2cef659be022cfa43908

  • SHA512

    1e08bb434d0d5f282b39db72303fd844fd9f3f5af44844d61ec9ba9556857c294250ca50b491171b9fd2736395408a02feb0bcf4ee5880a730a6f72e127ddc57

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1INRx+TSVAMEcaEau3R8yAH1plAH:yDqPoBhz1aRxcSV593R8yAVp2H

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-11-30_beb8ef1e34159921a4142a7085a9113f_wannacry

    • Size

      5.0MB

    • MD5

      beb8ef1e34159921a4142a7085a9113f

    • SHA1

      e1513e66863ed7e9d1d7a552b9682142bd577e92

    • SHA256

      f30e470b0ae4042bb00424bc717624190905678055af2cef659be022cfa43908

    • SHA512

      1e08bb434d0d5f282b39db72303fd844fd9f3f5af44844d61ec9ba9556857c294250ca50b491171b9fd2736395408a02feb0bcf4ee5880a730a6f72e127ddc57

    • SSDEEP

      49152:2nAQqMSPbcBVQej/1INRx+TSVAMEcaEau3R8yAH1plAH:yDqPoBhz1aRxcSV593R8yAVp2H

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3316) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks