Overview

overview

10

Static

static

3

2024-12-06...ry.exe

windows7-x64

10

2024-12-06...ry.exe

windows10-2004-x64

10

Resubmissions

06-12-2024 09:16

241206-k8kh1swmbl 10

06-12-2024 06:34

241206-hb92aszrdj 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-06_6cb9a403d0a554d1914774eea52a02b7_wannacry

  • Size

    3.6MB

  • Sample

    241206-hb92aszrdj

  • MD5

    6cb9a403d0a554d1914774eea52a02b7

  • SHA1

    fddbdb050d8e87d8519058edd26652543503e577

  • SHA256

    a3575dc2750ab021aa8320cba893035b8879b4fe5c271aff71e5a2a77788ce1c

  • SHA512

    001429d413ddc10222a4b6dca5a5370799653e455ed7dc5606a2b3bc5523d9e5011cbcc44ad0132a68231dc52dc7bde846986506f006dafa990e878f9b3b22ab

  • SSDEEP

    98304:XDqPoBhz1aR7cSUDk36SAEdhvxWa9P593R8yAVp2HI:XDqPe1C7cxk3ZAEUadzR8yc4HI

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-12-06_6cb9a403d0a554d1914774eea52a02b7_wannacry

    • Size

      3.6MB

    • MD5

      6cb9a403d0a554d1914774eea52a02b7

    • SHA1

      fddbdb050d8e87d8519058edd26652543503e577

    • SHA256

      a3575dc2750ab021aa8320cba893035b8879b4fe5c271aff71e5a2a77788ce1c

    • SHA512

      001429d413ddc10222a4b6dca5a5370799653e455ed7dc5606a2b3bc5523d9e5011cbcc44ad0132a68231dc52dc7bde846986506f006dafa990e878f9b3b22ab

    • SSDEEP

      98304:XDqPoBhz1aR7cSUDk36SAEdhvxWa9P593R8yAVp2HI:XDqPe1C7cxk3ZAEUadzR8yc4HI

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3129) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks