wannacry | 9861c73665ed548893de757579566e761b9c6a7c780216377efffd140d240842 | Triage

Submit
Reports

Overview

overview

Static

static

3

2024-12-10...ry.exe

windows7-x64

2024-12-10...ry.exe

windows10-2004-x64

Sharing

General

Target

2024-12-10_3c9ee5c9c41d9e4094cc59e51efccdf2_wannacry
Size

5.0MB
Sample

241210-nwr9wazkfj
MD5

3c9ee5c9c41d9e4094cc59e51efccdf2
SHA1

9d1e7ae2f810e9da16ceafcc7c3b1ae26b68e9f3
SHA256

9861c73665ed548893de757579566e761b9c6a7c780216377efffd140d240842
SHA512

be4dd4356018d8484fc363a15cfaaa36e5c79019b90f7d328fefbb16e70b4e67c84d8fb64c76607a8dca8a9b4d569ab6621488cc18c25ce1912b06dfe97b462c
SSDEEP

49152:QnpcSPbcBVm2uvgyd7+KnT2becwT6DGMIBHuLZy:QpfoBtywKSbevWSdOLZ

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-12-10_3c9ee5c9c41d9e4094cc59e51efccdf2_wannacry.exe

Resource

win7-20240903-en

wannacry discovery ransomware worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-12-10_3c9ee5c9c41d9e4094cc59e51efccdf2_wannacry.exe

Resource

win10v2004-20241007-en

wannacry discovery ransomware worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-12-10_3c9ee5c9c41d9e4094cc59e51efccdf2_wannacry
- Size
  
  5.0MB
- MD5
  
  3c9ee5c9c41d9e4094cc59e51efccdf2
- SHA1
  
  9d1e7ae2f810e9da16ceafcc7c3b1ae26b68e9f3
- SHA256
  
  9861c73665ed548893de757579566e761b9c6a7c780216377efffd140d240842
- SHA512
  
  be4dd4356018d8484fc363a15cfaaa36e5c79019b90f7d328fefbb16e70b4e67c84d8fb64c76607a8dca8a9b4d569ab6621488cc18c25ce1912b06dfe97b462c
- SSDEEP
  
  49152:QnpcSPbcBVm2uvgyd7+KnT2becwT6DGMIBHuLZy:QpfoBtywKSbevWSdOLZ
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Wannacry family
  wannacry
- Contacts a large (3212) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2025

Terms | Privacy