Overview

overview

10

Static

static

3

2024-07-01...ry.exe

windows7-x64

10

2024-07-01...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-07-01_b00b93e2b03c7018889cb22c5c3d59f3_wannacry

  • Size

    5.0MB

  • Sample

    240701-msvedsxand

  • MD5

    b00b93e2b03c7018889cb22c5c3d59f3

  • SHA1

    17f5f556eff577d997801a6dce80ddc79b1dd388

  • SHA256

    aa798e9735bf360a6bb8290a93f9b2fe14dcd1f120902cf80d7f182f5ec3fc32

  • SHA512

    eee37bd1c8ef41b6dcd0d65b19d231b5e4449f970dc79cba84e0ad4d6201a96700c99323c61fba60ef6058f8f9bd3c117ea6e2eb5fb9d7b67c3373971d700e5d

  • SSDEEP

    49152:VnjQqMS7UacBVQej/1INRx+TSqTdX1HkQo6SAARdhnv:Z8qIfBhz1aRxcSUDk36SAEdhv

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-07-01_b00b93e2b03c7018889cb22c5c3d59f3_wannacry

    • Size

      5.0MB

    • MD5

      b00b93e2b03c7018889cb22c5c3d59f3

    • SHA1

      17f5f556eff577d997801a6dce80ddc79b1dd388

    • SHA256

      aa798e9735bf360a6bb8290a93f9b2fe14dcd1f120902cf80d7f182f5ec3fc32

    • SHA512

      eee37bd1c8ef41b6dcd0d65b19d231b5e4449f970dc79cba84e0ad4d6201a96700c99323c61fba60ef6058f8f9bd3c117ea6e2eb5fb9d7b67c3373971d700e5d

    • SSDEEP

      49152:VnjQqMS7UacBVQej/1INRx+TSqTdX1HkQo6SAARdhnv:Z8qIfBhz1aRxcSUDk36SAEdhv

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3226) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks