wannacry | c4aa6ba9f1b5f066524e274e311a2c0d4e7dddff9cebb493fa2c7dc871451fb8 | Triage

Submit
Reports

Overview

overview

Static

static

3

2025-01-14...ry.exe

windows7-x64

2025-01-14...ry.exe

windows10-2004-x64

Sharing

General

Target

2025-01-14_45d02473e0900be35d92a143fd9fa13d_wannacry
Size

2.2MB
Sample

250114-b8at5swjdk
MD5

45d02473e0900be35d92a143fd9fa13d
SHA1

d12cb93564b7c2d3d8f68af6e1b4fdead6dcfe99
SHA256

c4aa6ba9f1b5f066524e274e311a2c0d4e7dddff9cebb493fa2c7dc871451fb8
SHA512

220d3c299d36104017a96db974619df0774d0fc709a349e249ccd0caefa02f7a0ad1231f7c07c2893346370b408a331e7f44af7bf0a105e804dc3394301e36bb
SSDEEP

49152:QnsQqMSPbcRVQej/1INx+TSqTdXeRdhnvn:Q/qPoRhz1axcSU4dhvn

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2025-01-14_45d02473e0900be35d92a143fd9fa13d_wannacry.exe

Resource

win7-20241010-en

wannacry discovery ransomware worm

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-01-14_45d02473e0900be35d92a143fd9fa13d_wannacry.exe

Resource

win10v2004-20241007-en

wannacry discovery ransomware worm

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-01-14_45d02473e0900be35d92a143fd9fa13d_wannacry
- Size
  
  2.2MB
- MD5
  
  45d02473e0900be35d92a143fd9fa13d
- SHA1
  
  d12cb93564b7c2d3d8f68af6e1b4fdead6dcfe99
- SHA256
  
  c4aa6ba9f1b5f066524e274e311a2c0d4e7dddff9cebb493fa2c7dc871451fb8
- SHA512
  
  220d3c299d36104017a96db974619df0774d0fc709a349e249ccd0caefa02f7a0ad1231f7c07c2893346370b408a331e7f44af7bf0a105e804dc3394301e36bb
- SSDEEP
  
  49152:QnsQqMSPbcRVQej/1INx+TSqTdXeRdhnvn:Q/qPoRhz1axcSU4dhvn
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Wannacry family
  wannacry
- Contacts a large (3187) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2025

Terms | Privacy