Overview

overview

10

Static

static

3

642377cd6d...fc.exe

windows7-x64

10

642377cd6d...fc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    642377cd6da4a663e3363aa26e290f62817c74f04b355abec220c5124c7f10fc.exe

  • Size

    5.0MB

  • Sample

    241210-q6ahxsxjcy

  • MD5

    92cd4772dbe7f579c3904838e10fda5b

  • SHA1

    0004941bb100c3356406ad3fb8de7738540c9178

  • SHA256

    642377cd6da4a663e3363aa26e290f62817c74f04b355abec220c5124c7f10fc

  • SHA512

    c5df142f56077c03e64fcb2d6f510f7087378a6d41556204d86b3894e70580270d9e6edaa96b08d9e69166faece89bd2fe872266eba24d13da6d40609a492530

  • SSDEEP

    6144:eE9l9ynRIYVTH5DgSgNajldktM0XXrCIai62XVIwYQuy8DLq1eNJ:e1bLgmluCti62lIMu7L5NJ

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      642377cd6da4a663e3363aa26e290f62817c74f04b355abec220c5124c7f10fc.exe

    • Size

      5.0MB

    • MD5

      92cd4772dbe7f579c3904838e10fda5b

    • SHA1

      0004941bb100c3356406ad3fb8de7738540c9178

    • SHA256

      642377cd6da4a663e3363aa26e290f62817c74f04b355abec220c5124c7f10fc

    • SHA512

      c5df142f56077c03e64fcb2d6f510f7087378a6d41556204d86b3894e70580270d9e6edaa96b08d9e69166faece89bd2fe872266eba24d13da6d40609a492530

    • SSDEEP

      6144:eE9l9ynRIYVTH5DgSgNajldktM0XXrCIai62XVIwYQuy8DLq1eNJ:e1bLgmluCti62lIMu7L5NJ

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3299) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks