Overview

overview

10

Static

static

3

2025-02-03...ry.exe

windows7-x64

10

2025-02-03...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-03_2efc44eee0a368331d7fc98f3d4289c7_wannacry

  • Size

    5.0MB

  • Sample

    250203-s8f5lavqay

  • MD5

    2efc44eee0a368331d7fc98f3d4289c7

  • SHA1

    25201cd4acdbb9d37e431624601baece162c7c3e

  • SHA256

    9203e0cd8e53baff4976b46bafd13dd88d560e2c453b5d7366c562b053441b4b

  • SHA512

    a172b268ab0ea066c61f863d92db71aca5a7e2233d014c193350a6732d34159e23aae7821910476002458331e9c990bf2e89f6fd81019d49b87769c29be24daa

  • SSDEEP

    6144:GE9l9yNqIYVTH5DgSg8ajldktM0XXrs2QhMV9qbBLIwYQuy8DLq1eNVDvMrHC+Vi:GwbLgPluxQhMbaIMu7L5NVErCA4z

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2025-02-03_2efc44eee0a368331d7fc98f3d4289c7_wannacry

    • Size

      5.0MB

    • MD5

      2efc44eee0a368331d7fc98f3d4289c7

    • SHA1

      25201cd4acdbb9d37e431624601baece162c7c3e

    • SHA256

      9203e0cd8e53baff4976b46bafd13dd88d560e2c453b5d7366c562b053441b4b

    • SHA512

      a172b268ab0ea066c61f863d92db71aca5a7e2233d014c193350a6732d34159e23aae7821910476002458331e9c990bf2e89f6fd81019d49b87769c29be24daa

    • SSDEEP

      6144:GE9l9yNqIYVTH5DgSg8ajldktM0XXrs2QhMV9qbBLIwYQuy8DLq1eNVDvMrHC+Vi:GwbLgPluxQhMbaIMu7L5NVErCA4z

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3211) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks