Overview

overview

10

Static

static

3

2025-02-03...ry.exe

windows7-x64

10

2025-02-03...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-03_211d3c5f37a5b13a27dc0ccfe5a41168_wannacry

  • Size

    2.2MB

  • Sample

    250203-c2ep7axjes

  • MD5

    211d3c5f37a5b13a27dc0ccfe5a41168

  • SHA1

    6dad34d736943e645845c21a14666337da5fc6ce

  • SHA256

    805bc4fd54475d93b3811aeb32f2c761f46d52168507f3a0688d231ea117915e

  • SHA512

    2886b97c9a25cdbe443f49944fe50453742592fc501395221c4b4f5feeebe4f5b1df92de2fc8b91df67b84377fea3b428168c2a0a3d04e2d2a64efa9bf16e87b

  • SSDEEP

    12288:e1bLgmluCti62gaIMu7LocQhfYNvrTcbckPU82900Ve7zw+K+DHeQYSUjEXF:QbLguriXd5cQdIvrYbcMNgef0QeQj

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2025-02-03_211d3c5f37a5b13a27dc0ccfe5a41168_wannacry

    • Size

      2.2MB

    • MD5

      211d3c5f37a5b13a27dc0ccfe5a41168

    • SHA1

      6dad34d736943e645845c21a14666337da5fc6ce

    • SHA256

      805bc4fd54475d93b3811aeb32f2c761f46d52168507f3a0688d231ea117915e

    • SHA512

      2886b97c9a25cdbe443f49944fe50453742592fc501395221c4b4f5feeebe4f5b1df92de2fc8b91df67b84377fea3b428168c2a0a3d04e2d2a64efa9bf16e87b

    • SSDEEP

      12288:e1bLgmluCti62gaIMu7LocQhfYNvrTcbckPU82900Ve7zw+K+DHeQYSUjEXF:QbLguriXd5cQdIvrYbcMNgef0QeQj

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3279) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks