wannacry | 86643657fb4a57b5ac59e103f41e66e37e2faa9d1e73a4f7252ab3006778cb5f | Triage

Sharing

General

Target

2024-12-09_fbb84e01c91b9633788b3f654d103f4f_wannacry
Size

5.0MB
Sample

241209-kdjcgasjd1
MD5

fbb84e01c91b9633788b3f654d103f4f
SHA1

6b0db865a0cf794320af103076b1893e2e7f4b45
SHA256

86643657fb4a57b5ac59e103f41e66e37e2faa9d1e73a4f7252ab3006778cb5f
SHA512

8d733469ba0b63ce2699706884d07a45bd726f9a1b5c1979c8ab3cb89f074c8625fb74c36b3298128e42c51d32db5d7580ef6c368a7661117c740c58a9937003
SSDEEP

49152:VnFQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:ZeqPoBhz1aRxcSUDk36SA

Score

10^/10

wannacry discovery ransomware worm

Malware Config

Targets

- Target
  
  2024-12-09_fbb84e01c91b9633788b3f654d103f4f_wannacry
- Size
  
  5.0MB
- MD5
  
  fbb84e01c91b9633788b3f654d103f4f
- SHA1
  
  6b0db865a0cf794320af103076b1893e2e7f4b45
- SHA256
  
  86643657fb4a57b5ac59e103f41e66e37e2faa9d1e73a4f7252ab3006778cb5f
- SHA512
  
  8d733469ba0b63ce2699706884d07a45bd726f9a1b5c1979c8ab3cb89f074c8625fb74c36b3298128e42c51d32db5d7580ef6c368a7661117c740c58a9937003
- SSDEEP
  
  49152:VnFQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:ZeqPoBhz1aRxcSUDk36SA
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Wannacry family
  wannacry
- Contacts a large (2105) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm