wannacry | f761d2661adcbba9e214c5c7a8498290011d59d7fbff48711a6386aae956dff9 | Triage

Sharing

General

Target

2025-02-21_c6f707035bbed4b24afbf3c3a3ae2a3e_wannacry
Size

5.0MB
Sample

250221-f9wv8atqat
MD5

c6f707035bbed4b24afbf3c3a3ae2a3e
SHA1

903ee4ce30da9f736aabd5661601362ca490c708
SHA256

f761d2661adcbba9e214c5c7a8498290011d59d7fbff48711a6386aae956dff9
SHA512

cd2c73ca91f6d0047e270faf54120b62706edebdea900ffb57d662ca787dc9ba50afc6103765d94b9e3b46708486c00e7f2078f089600198f750be5c0a977a15
SSDEEP

98304:BDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8Y:BDqPe1Cxcxk3ZAEUadzR8Y

Score

10^/10

wannacry defense_evasion discovery ransomware worm

Malware Config

Targets

- Target
  
  2025-02-21_c6f707035bbed4b24afbf3c3a3ae2a3e_wannacry
- Size
  
  5.0MB
- MD5
  
  c6f707035bbed4b24afbf3c3a3ae2a3e
- SHA1
  
  903ee4ce30da9f736aabd5661601362ca490c708
- SHA256
  
  f761d2661adcbba9e214c5c7a8498290011d59d7fbff48711a6386aae956dff9
- SHA512
  
  cd2c73ca91f6d0047e270faf54120b62706edebdea900ffb57d662ca787dc9ba50afc6103765d94b9e3b46708486c00e7f2078f089600198f750be5c0a977a15
- SSDEEP
  
  98304:BDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8Y:BDqPe1Cxcxk3ZAEUadzR8Y
Score

10^/10

wannacry discovery ransomware worm defense_evasion
- Modifies firewall policy service
  defense_evasion
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Wannacry family
  wannacry
- Contacts a large (3234) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydefense_evasiondiscoveryransomwareworm