General
Target: 07a5d326b196d166dc0618e7c25ac2b5.dll
Size: 5.0MB
Sample: 250115-vp9znsypfv
MD5: 07a5d326b196d166dc0618e7c25ac2b5
SHA1: 7a23e2ef0682cfb8813a27dc559da187f9e178f5
SHA256: 5d7fa45d2fcb10893ee5bdbfc4b16bdeeffd34aa5791331332a8bbb1015cb63b
SHA512: 38088c24dacd01b7ecdef5afdbcbff2ee723bdea65d4e7138c5007b2de823aecd9db2f5e970ea4c132fac2938525b984d94dcc7c8d01af952bd79006b64ddfc2
SSDEEP: 98304:d8qPoBhz1aRxcSUDk36SAEdhvxWa9P593R8s3:d8qPe1Cxcxk3ZAEUadzR8s
Static task: static1
Behavioral task: behavioral1
Sample: 07a5d326b196d166dc0618e7c25ac2b5.dll
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: 07a5d326b196d166dc0618e7c25ac2b5.dll
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 07a5d326b196d166dc0618e7c25ac2b5.dll
Score: 10/10
- Wannacry family
- Contacts a large (3346) amount of remote hosts. This may indicate a network scan to discover remotely running services.
- Executes dropped EXE
- Modifies file permissions
- Creates a large amount of network flows. This may indicate a network scan to discover remotely running services.
- File and Directory Permissions Modification: Windows File and Directory Permissions Modification
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Defense Evasion
- File and Directory Permissions Modification: 2
- Windows File and Directory Permissions Modification: 1
- Hide Artifacts: 1
- Hidden Files and Directories: 1