Overview

overview

10

Static

static

3

2025-02-01...ry.exe

windows7-x64

10

2025-02-01...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-01_ebe613da13b17d64516bb6c4cc57ab29_wannacry

  • Size

    5.0MB

  • Sample

    250201-wgswvsvqgn

  • MD5

    ebe613da13b17d64516bb6c4cc57ab29

  • SHA1

    efd440e69f1edad195b406122677da20481fc0cc

  • SHA256

    dc4c2916487c6ea6f057535f5a2ed16e36106694c8c17d2e70f1eaaeeb6e995b

  • SHA512

    64e6de99f19cea0b8bfe936f197657896fae08a8b5856574bf6a4be434d780ea3cb68385c352e90f692d83d82405a0b2ce805049760d316a9fe34bb419f823be

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA7rz4or:yDqPoBhz1aRxcSUDk36SAerdr

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2025-02-01_ebe613da13b17d64516bb6c4cc57ab29_wannacry

    • Size

      5.0MB

    • MD5

      ebe613da13b17d64516bb6c4cc57ab29

    • SHA1

      efd440e69f1edad195b406122677da20481fc0cc

    • SHA256

      dc4c2916487c6ea6f057535f5a2ed16e36106694c8c17d2e70f1eaaeeb6e995b

    • SHA512

      64e6de99f19cea0b8bfe936f197657896fae08a8b5856574bf6a4be434d780ea3cb68385c352e90f692d83d82405a0b2ce805049760d316a9fe34bb419f823be

    • SSDEEP

      49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA7rz4or:yDqPoBhz1aRxcSUDk36SAerdr

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3254) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks