Overview

overview

10

Static

static

3

bc82dd960f...73.dll

windows7-x64

10

bc82dd960f...73.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bc82dd960fce92fc4b513e882dc1c873.dll

  • Size

    5.0MB

  • Sample

    250115-cdafkaypbq

  • MD5

    bc82dd960fce92fc4b513e882dc1c873

  • SHA1

    65d63b04ed6376a13dea83eb7937a8d6ec95e278

  • SHA256

    8c1d22bd6ff6abd10f01e97c39cd6455c1abf72e45760050ff1bb5f554f7c5b4

  • SHA512

    82439d1ef59c7ba4b79ea030caa8acde8442779df4eda3269edf9d5a1cdc745f03e0356523ce377e8dd9b25067395e5a77fe4d900aab256aa5a2c8a388ccb15e

  • SSDEEP

    49152:znAQqMSPbcBVnRdhnvxJM0H9PAMEcaEau3R8yAH1plAH:TDqPoBHdhvxWa9P593R8yAVp2H

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      bc82dd960fce92fc4b513e882dc1c873.dll

    • Size

      5.0MB

    • MD5

      bc82dd960fce92fc4b513e882dc1c873

    • SHA1

      65d63b04ed6376a13dea83eb7937a8d6ec95e278

    • SHA256

      8c1d22bd6ff6abd10f01e97c39cd6455c1abf72e45760050ff1bb5f554f7c5b4

    • SHA512

      82439d1ef59c7ba4b79ea030caa8acde8442779df4eda3269edf9d5a1cdc745f03e0356523ce377e8dd9b25067395e5a77fe4d900aab256aa5a2c8a388ccb15e

    • SSDEEP

      49152:znAQqMSPbcBVnRdhnvxJM0H9PAMEcaEau3R8yAH1plAH:TDqPoBHdhvxWa9P593R8yAVp2H

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3174) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks