wannacry | 34c94210a0a348ce1c3342488cef92276ffd200598693b2d288ec582c5142723 | Triage

Submit
Reports

Overview

overview

Static

static

3

2024070497...ry.exe

windows7-x64

2024070497...ry.exe

windows10-2004-x64

Sharing

General

Target

2024070497ab0e15f3085af2dc678124c127b5d2wannacry
Size

5.0MB
Sample

240704-r4845sxhqk
MD5

97ab0e15f3085af2dc678124c127b5d2
SHA1

f66dff3b970b8c5b06e4c4da55e4f3134f25a5f9
SHA256

34c94210a0a348ce1c3342488cef92276ffd200598693b2d288ec582c5142723
SHA512

779f70c2f161b4df477723c7ab5d7eb5f5b90a739a713227bbda094890dce5e2e0c02de1d1a9ee0c31f099de0a3c94b1240d5d0cae128084002ff11e59798ea7
SSDEEP

49152:QnvMSPbcBVQejI+TSqTdX1HkQo6SAARdhnv:QvPoBhccSUDk36SAEdhv

Score

10^/10

wannacry discovery ransomware worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024070497ab0e15f3085af2dc678124c127b5d2wannacry.exe

Resource

win7-20240611-en

wannacry discovery ransomware worm

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024070497ab0e15f3085af2dc678124c127b5d2wannacry.exe

Resource

win10v2004-20240611-en

wannacry discovery ransomware worm

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024070497ab0e15f3085af2dc678124c127b5d2wannacry
- Size
  
  5.0MB
- MD5
  
  97ab0e15f3085af2dc678124c127b5d2
- SHA1
  
  f66dff3b970b8c5b06e4c4da55e4f3134f25a5f9
- SHA256
  
  34c94210a0a348ce1c3342488cef92276ffd200598693b2d288ec582c5142723
- SHA512
  
  779f70c2f161b4df477723c7ab5d7eb5f5b90a739a713227bbda094890dce5e2e0c02de1d1a9ee0c31f099de0a3c94b1240d5d0cae128084002ff11e59798ea7
- SSDEEP
  
  49152:QnvMSPbcBVQejI+TSqTdX1HkQo6SAARdhnv:QvPoBhccSUDk36SAEdhv
Score

10^/10

wannacry discovery ransomware worm
- Wannacry
  WannaCry is a ransomware cryptoworm.
  ransomware worm wannacry
- Contacts a large (3223) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

wannacrydiscoveryransomwareworm

behavioral2

wannacrydiscoveryransomwareworm

© 2018-2024

Terms | Privacy