Overview

overview

10

Static

static

3

2025-01-01...ry.exe

windows7-x64

10

2025-01-01...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-01_6812a4773a1895e8cfcc40a51c4c0ae1_wannacry

  • Size

    3.6MB

  • Sample

    250101-nmjw5stkgv

  • MD5

    6812a4773a1895e8cfcc40a51c4c0ae1

  • SHA1

    894fe56f871d13831fc85370152e0ecb371636c9

  • SHA256

    74f7db23b87ef33032e9ac9aac39d7d90538d860512c848e12d06f87af33795e

  • SHA512

    db0fc6995c4db34d727d3ad7e955da6d441a6f8935477b2aa4a156200ed6dffa61559b3142c76088137361cfc109a33995975d772d1daa55d8e4334c87f1689e

  • SSDEEP

    49152:XnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAsI6:XDqPoBhz1aRxcSUDk36SAi

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2025-01-01_6812a4773a1895e8cfcc40a51c4c0ae1_wannacry

    • Size

      3.6MB

    • MD5

      6812a4773a1895e8cfcc40a51c4c0ae1

    • SHA1

      894fe56f871d13831fc85370152e0ecb371636c9

    • SHA256

      74f7db23b87ef33032e9ac9aac39d7d90538d860512c848e12d06f87af33795e

    • SHA512

      db0fc6995c4db34d727d3ad7e955da6d441a6f8935477b2aa4a156200ed6dffa61559b3142c76088137361cfc109a33995975d772d1daa55d8e4334c87f1689e

    • SSDEEP

      49152:XnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAsI6:XDqPoBhz1aRxcSUDk36SAi

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3249) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks