wannacry | 227e718d7697b5237cd79dcfec6bb5837f51bd34671cdb1f78a1551f50e1bdc5 | Triage

Submit
Reports

Overview

overview

Static

static

3

2024-12-14...ry.exe

windows7-x64

2024-12-14...ry.exe

windows10-2004-x64

Sharing

General

Target

2024-12-14_6fc4f2983948ef28a53ccdea6cd0db7c_wannacry
Size

5.0MB
Sample

241214-qb8ggavkap
MD5

6fc4f2983948ef28a53ccdea6cd0db7c
SHA1

764e33a41cb9755b83e6b0d003bafba160bb43a8
SHA256

227e718d7697b5237cd79dcfec6bb5837f51bd34671cdb1f78a1551f50e1bdc5
SHA512

a21c9521112aba5e2b0c20c6d83311c18b79918562d9a9e0fc1f3cf4f89f17ef37b9cb65f1b35fe4cb6733d48ec97c61784f716850b301904b3b9183ae987b88
SSDEEP

49152:QnsQqMSPbcBVQej/1INRx+TSqTdX1HkQI6SAARdhO:Q/qPoBhz1aRxcSUDkT6SAEdhO

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-12-14_6fc4f2983948ef28a53ccdea6cd0db7c_wannacry.exe

Resource

win7-20241023-en

wannacry discovery ransomware worm

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-12-14_6fc4f2983948ef28a53ccdea6cd0db7c_wannacry.exe

Resource

win10v2004-20241007-en

wannacry discovery ransomware worm

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-12-14_6fc4f2983948ef28a53ccdea6cd0db7c_wannacry
- Size
  
  5.0MB
- MD5
  
  6fc4f2983948ef28a53ccdea6cd0db7c
- SHA1
  
  764e33a41cb9755b83e6b0d003bafba160bb43a8
- SHA256
  
  227e718d7697b5237cd79dcfec6bb5837f51bd34671cdb1f78a1551f50e1bdc5
- SHA512
  
  a21c9521112aba5e2b0c20c6d83311c18b79918562d9a9e0fc1f3cf4f89f17ef37b9cb65f1b35fe4cb6733d48ec97c61784f716850b301904b3b9183ae987b88
- SSDEEP
  
  49152:QnsQqMSPbcBVQej/1INRx+TSqTdX1HkQI6SAARdhO:Q/qPoBhz1aRxcSUDkT6SAEdhO
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Wannacry family
  wannacry
- Contacts a large (3297) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2025

Terms | Privacy