wannacry | 96dd34bd8af12ac28cb598988f67351ca47502d1b4a16c98066baa2191eb77af | Triage

Sharing

General

Target

96dd34bd8af12ac28cb598988f67351ca47502d1b4a16c98066baa2191eb77afN.exe
Size

5.0MB
Sample

241216-x6x3jsyrfp
MD5

3dfde3406cf80d5438a3b33f73228530
SHA1

4e410acd074c2d35e9e90212e72c2a1610e32851
SHA256

96dd34bd8af12ac28cb598988f67351ca47502d1b4a16c98066baa2191eb77af
SHA512

cc140074faab7a6c1e5e6a441278852f5c0aded1ca406b9832516d12291ec7acbd87ff797eb36f30070704bcbdaff1a9d9241854095a86ecf0f8cf0dbdc04118
SSDEEP

98304:+DqPoBhz1aRxcSUDk36SAEdhb3R8yAVp2H:+DqPe1Cxcxk3ZAEHR8yc4H

Score

10^/10

wannacry discovery ransomware worm

Malware Config

Targets

- Target
  
  96dd34bd8af12ac28cb598988f67351ca47502d1b4a16c98066baa2191eb77afN.exe
- Size
  
  5.0MB
- MD5
  
  3dfde3406cf80d5438a3b33f73228530
- SHA1
  
  4e410acd074c2d35e9e90212e72c2a1610e32851
- SHA256
  
  96dd34bd8af12ac28cb598988f67351ca47502d1b4a16c98066baa2191eb77af
- SHA512
  
  cc140074faab7a6c1e5e6a441278852f5c0aded1ca406b9832516d12291ec7acbd87ff797eb36f30070704bcbdaff1a9d9241854095a86ecf0f8cf0dbdc04118
- SSDEEP
  
  98304:+DqPoBhz1aRxcSUDk36SAEdhb3R8yAVp2H:+DqPe1Cxcxk3ZAEHR8yc4H
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Wannacry family
  wannacry
- Contacts a large (2474) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm