General

  • Target

    ffe9ea12e584c1cd38ac3fecc74255d559b538a7c9c43f2a5f348c55e13e6facN.exe

  • Size

    5.0MB

  • Sample

    241206-n9dnmswpc1

  • MD5

    00adcac6e38a26c0eb69729829e5e150

  • SHA1

    5f12c8ba03e4feb15fa019ef2943921c9184a449

  • SHA256

    ffe9ea12e584c1cd38ac3fecc74255d559b538a7c9c43f2a5f348c55e13e6fac

  • SHA512

    bd069646b1e8d39801732fc5cfdc74d4eef162d3b14120a15e46487bbac9fe0613847ba0167eccb91d4089853611c396127a372ab0ddeece8eb159fa50204f8f

  • SSDEEP

    49152:WnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAk:SDqPoBhz1aRxcSUDk36SAt

Targets

    • Target

      ffe9ea12e584c1cd38ac3fecc74255d559b538a7c9c43f2a5f348c55e13e6facN.exe

    • Modifies firewall policy service

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (2434) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
