Overview

overview

10

Static

static

3

2025-01-28...ry.exe

windows7-x64

10

2025-01-28...ry.exe

windows10-2004-x64

10

Resubmissions

28-01-2025 12:32

250128-pqvngsyma1 10

28-01-2025 07:52

250128-jqlgxsslev 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-28_6d73de7be19a350a50b380b1a4ee4c98_wannacry

  • Size

    5.0MB

  • Sample

    250128-pqvngsyma1

  • MD5

    6d73de7be19a350a50b380b1a4ee4c98

  • SHA1

    2f148fddad9803b7258168ac5e4fa3ba21ccfc4b

  • SHA256

    5607d99d35f3585acc994ce172c070412cbda1b07b08864af8e5477bcf5f260d

  • SHA512

    deb7270407bf00f7618cfe87f694f1eab0d138f4cb3fcf86ac350e35dbcab53981f608998e4f036006acec92a994487015c476651cfc06d1e7042cdc0509dcd4

  • SSDEEP

    98304:Z8qPoBhz1aRxcSUDk36SAEdhvxWa9P597:Z8qPe1Cxcxk3ZAEUadH

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2025-01-28_6d73de7be19a350a50b380b1a4ee4c98_wannacry

    • Size

      5.0MB

    • MD5

      6d73de7be19a350a50b380b1a4ee4c98

    • SHA1

      2f148fddad9803b7258168ac5e4fa3ba21ccfc4b

    • SHA256

      5607d99d35f3585acc994ce172c070412cbda1b07b08864af8e5477bcf5f260d

    • SHA512

      deb7270407bf00f7618cfe87f694f1eab0d138f4cb3fcf86ac350e35dbcab53981f608998e4f036006acec92a994487015c476651cfc06d1e7042cdc0509dcd4

    • SSDEEP

      98304:Z8qPoBhz1aRxcSUDk36SAEdhvxWa9P597:Z8qPe1Cxcxk3ZAEUadH

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3230) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks