Overview

overview

10

Static

static

3

a34d8bd749...63.dll

windows7-x64

10

a34d8bd749...63.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a34d8bd7493c5f8c2bf381a0267de463.dll

  • Size

    5.0MB

  • Sample

    250114-1ka8fa1kbw

  • MD5

    a34d8bd7493c5f8c2bf381a0267de463

  • SHA1

    19326be1a905a053f95cef69a630d30cb298bd5b

  • SHA256

    133e1d4c87a3728c2888997025565651e654f5af74c5428f822c9c058ec3b35e

  • SHA512

    647452c6bb769e1a928aba3af6140a63f210f14c3208b68ef05b94580c368f5fb865885ee8ce37bf3ae508687f1b2ec5c99e3364d9416a80eb15c11739dcd789

  • SSDEEP

    49152:RnpEKUacBVQej/1INRx+TSqTdX1HkQo6SAARdhOv:1pyfBhz1aRxcSUDk36SAEdhG

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      a34d8bd7493c5f8c2bf381a0267de463.dll

    • Size

      5.0MB

    • MD5

      a34d8bd7493c5f8c2bf381a0267de463

    • SHA1

      19326be1a905a053f95cef69a630d30cb298bd5b

    • SHA256

      133e1d4c87a3728c2888997025565651e654f5af74c5428f822c9c058ec3b35e

    • SHA512

      647452c6bb769e1a928aba3af6140a63f210f14c3208b68ef05b94580c368f5fb865885ee8ce37bf3ae508687f1b2ec5c99e3364d9416a80eb15c11739dcd789

    • SSDEEP

      49152:RnpEKUacBVQej/1INRx+TSqTdX1HkQo6SAARdhOv:1pyfBhz1aRxcSUDk36SAEdhG

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3214) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks