General
-
Target
2024-12-23_44c3fb23ef9931dfdcb5eb040b6627df_wannacry
-
Size
5.0MB
-
Sample
241223-pjw8qszlaj
-
MD5
44c3fb23ef9931dfdcb5eb040b6627df
-
SHA1
b5ca1e10ea5d80e03c88a0e255b27fe778374d09
-
SHA256
fabf488df1f3a0af9b0fef97d0226e09864bc7dae2db5d2396e06bc694a97c12
-
SHA512
db4440b0dd72ed4a6157a257259ffd08fc2795abe3947509ab02908214523f4eb377b56c0a6d0200ac7c411dc1b9f4e1aa30387be8ace87f904051abce366570
-
SSDEEP
49152:XnAQqMSPbcBVQej/1INRMAMEcaEau3R8yAH1plAU3:XDqPoBhz1aRM593R8yAVp2U3
Static task
static1
Behavioral task
behavioral1
Sample
2024-12-23_44c3fb23ef9931dfdcb5eb040b6627df_wannacry.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
2024-12-23_44c3fb23ef9931dfdcb5eb040b6627df_wannacry.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2024-12-23_44c3fb23ef9931dfdcb5eb040b6627df_wannacry
-
Size
5.0MB
-
MD5
44c3fb23ef9931dfdcb5eb040b6627df
-
SHA1
b5ca1e10ea5d80e03c88a0e255b27fe778374d09
-
SHA256
fabf488df1f3a0af9b0fef97d0226e09864bc7dae2db5d2396e06bc694a97c12
-
SHA512
db4440b0dd72ed4a6157a257259ffd08fc2795abe3947509ab02908214523f4eb377b56c0a6d0200ac7c411dc1b9f4e1aa30387be8ace87f904051abce366570
-
SSDEEP
49152:XnAQqMSPbcBVQej/1INRMAMEcaEau3R8yAH1plAU3:XDqPoBhz1aRM593R8yAVp2U3
Score10/10-
Wannacry family
-
Contacts a large (3249) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Modifies file permissions
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
2Windows File and Directory Permissions Modification
1Hide Artifacts
1Hidden Files and Directories
1