Overview

overview

10

Static

static

3

4227ae0496...90.exe

windows7-x64

10

4227ae0496...90.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4227ae0496519669789431f6469f3f43cd9cde6f6da21db375c5944a72794890

  • Size

    2.2MB

  • Sample

    250114-3dryqavndn

  • MD5

    334248e1ecbf88c5c4f114abe23bbb65

  • SHA1

    c126a5b7464633bb99792328c5c46fb32212791c

  • SHA256

    4227ae0496519669789431f6469f3f43cd9cde6f6da21db375c5944a72794890

  • SHA512

    3a2cdcf366c9cd4aa911c66fe1fa6aa40fb10e3d5deafc7f6114c60ec1273c2636eef213935a39c716a5d6bf0049f2f41562da146885a66900912c2d475679ee

  • SSDEEP

    24576:QbLguriIfEcQdIVUacMNgef0QeQjG/D8kIqRYoAdNLKz6626M+:QnpEKUacBVQej/1INRx+

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      4227ae0496519669789431f6469f3f43cd9cde6f6da21db375c5944a72794890

    • Size

      2.2MB

    • MD5

      334248e1ecbf88c5c4f114abe23bbb65

    • SHA1

      c126a5b7464633bb99792328c5c46fb32212791c

    • SHA256

      4227ae0496519669789431f6469f3f43cd9cde6f6da21db375c5944a72794890

    • SHA512

      3a2cdcf366c9cd4aa911c66fe1fa6aa40fb10e3d5deafc7f6114c60ec1273c2636eef213935a39c716a5d6bf0049f2f41562da146885a66900912c2d475679ee

    • SSDEEP

      24576:QbLguriIfEcQdIVUacMNgef0QeQjG/D8kIqRYoAdNLKz6626M+:QnpEKUacBVQej/1INRx+

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3126) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks