Overview

overview

10

Static

static

3

2025-01-04...ry.exe

windows7-x64

10

2025-01-04...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-04_281899ece058711043d719fbc0a1009e_wannacry

  • Size

    5.0MB

  • Sample

    250104-pz4mrazmby

  • MD5

    281899ece058711043d719fbc0a1009e

  • SHA1

    05cbeca81bf867f3c34092c2437169d3959e5eb2

  • SHA256

    c745c7297b6736472cf7ac09742ce5cd1828305bccd92d770d97ba58ad741302

  • SHA512

    78d8b78573620fbd8a0182754e6347df9ffc5fa7847a31f9e340ea847db703fc66aea12fe7ecd00309d403bce926772ee7b86d33924690984c5fc094f784404f

  • SSDEEP

    49152:QnxQqMSPbcBWQej/1INRx+TSqTdX1HkQo6SAARd:Q6qPoByz1aRxcSUDk36SAEd

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2025-01-04_281899ece058711043d719fbc0a1009e_wannacry

    • Size

      5.0MB

    • MD5

      281899ece058711043d719fbc0a1009e

    • SHA1

      05cbeca81bf867f3c34092c2437169d3959e5eb2

    • SHA256

      c745c7297b6736472cf7ac09742ce5cd1828305bccd92d770d97ba58ad741302

    • SHA512

      78d8b78573620fbd8a0182754e6347df9ffc5fa7847a31f9e340ea847db703fc66aea12fe7ecd00309d403bce926772ee7b86d33924690984c5fc094f784404f

    • SSDEEP

      49152:QnxQqMSPbcBWQej/1INRx+TSqTdX1HkQo6SAARd:Q6qPoByz1aRxcSUDk36SAEd

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3228) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks