ioc[.]one - OSINT Cyber Threat Intelligence Database

WCry (WannaCry) Ransomware Analysis

Tags

attack-pattern:

Data Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Connection Proxy - T1090

Show in Graph

Common Information

Type	Value
UUID	aca41856-6832-4186-bfb3-e36a7bbc73d2
Fingerprint	bdb6355be6398bd1
Analysis status	DONE
Considered CTI value	2
Text language
Published	May 18, 2017, midnight
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	WCry Ransomware Analysis
Title	WCry (WannaCry) Ransomware Analysis
Detected Hints/Tags/Attributes	75/1/59

Source URLs

	Redirection	Url
Details	Source	https://www.secureworks.com/research/wcry-ransomware-analysis

URL Provider

Details	Provider	Source level domain
Details	secureworks.com	www.secureworks.com

Attributes

Details	Type	#Events	Value
Details	Domain	47	microsoft.exchange
Details	Domain	14	gx7ekbenv2riucmf.onion
Details	Domain	13	57g7spgrzlojinas.onion
Details	Domain	14	xxlvbrloxvriy2c5.onion
Details	Domain	14	76jdd2ir2embyv47.onion
Details	Domain	13	cwwnhwhlz52maqm7.onion
Details	File	7	c:\windows\mssecsvc.exe
Details	File	7	c:\windows\tasksche.exe
Details	File	22	taskse.exe
Details	File	22	taskdl.exe
Details	File	2125	cmd.exe
Details	File	82	taskkill.exe
Details	File	57	mysqld.exe
Details	File	66	sqlwriter.exe
Details	File	21	sqlserver.exe
Details	File	1	46631494859358.bat
Details	File	1	37061494619317.bat
Details	File	10	taskhsvc.exe
Details	File	27	tasksche.exe
Details	md5	7	db349b97c37d22f5ea1d1841e3c89eb4
Details	md5	1	63fb6dd827559c0ed40c4c3725f7fc0a
Details	md5	1	f5c0755e5f08dabf1119c193e96539a6
Details	md5	1	492c258c5bcbdd812fddd99b2427da99
Details	md5	2	c17170262312f3be7027bc2ca825bf0c
Details	md5	1	fa44d43242f0bcc6d64569e4869e4913
Details	md5	2	3e0020fc529b1c2a061016dd2469ba96
Details	md5	2	ad4c9de7c8c40813f200ba1c2fa33083
Details	md5	5	4fef5e34143e646dbf9907c4374276f5
Details	md5	6	84c82835a5d21bbcf75a61706d8ab549
Details	md5	6	8495400f199ac77853c53b5a3f278f3e
Details	md5	2	5dcaac857e695a65f5c3ef1441a73a8f
Details	md5	8	7bf2b57f2a205768755c07f238fb32cc
Details	sha1	1	e889544aff85ffaf8b0d0da705105dee7c97fe26
Details	sha1	1	8e7211b1455dedfe1f84cc60a7ed593f78dfb6e1
Details	sha1	1	5109c0738c126e65db8a92e1ff24f3291837f627
Details	sha1	1	0c16196d93b076f4648a9b1b027e7735845cab20
Details	sha1	2	f19eceda82973239a1fdc5826bce7691e5dcb4fb
Details	sha1	1	29da372c816ac0d636657a76ab7712ae8106cb45
Details	sha1	2	c3a91c22b63f6fe709e7c29cafb29a2ee83e6ade
Details	sha1	2	d1af27518d455d432b62d73c6a1497d032f6120e
Details	sha1	2	47a9ad4125b6bd7c55e4e7da251e23f089407b8f
Details	sha1	2	5ff465afaabcbf0150d1a3ab2c2e74f3a4426467
Details	sha1	2	be5d6279874da315e3080b06083757aad9b32c23
Details	sha1	2	7b10aaeee05e7a1efb43d9f837e9356ad55c07dd
Details	sha1	2	45356a9dd616ed7161a3b9192e2f318d0ab5ad10
Details	sha256	12	24d004a104d4d54034dbcffc2a4b19a11f39008a575aa614ea04703480b1022c
Details	sha256	1	24076e8485c72e4f9cf997c1f3670337231e401a043505e489606fff5758150f
Details	sha256	1	c863b4b4780d6ce53827049d3733863283aaeb4d4ae806fc2c5cfbd9eb236ab8
Details	sha256	1	6fa17600177c2032c3c3a3c06df6cf7d8dba1d32db146d9dd87aecf3f39fb898
Details	sha256	4	d5e0e8694ddc0548d8e6b87c83d50f4ab85c1debadb106d6a6a794c3e746f4fa
Details	sha256	1	3324483d27e716feb408b5d16b82540731faf435b9325497df779d72e7a6b765
Details	sha256	4	402751fa49e0cb68fe052cb3db87b05e71c1d950984d339940cf6b29409f2a7c
Details	sha256	4	e18fdd912dfe5b45776e68d578c3af3547886cf1353d7086c8bee037436dff4b
Details	sha256	8	4a468603fdcb7a2eb5770705898cf9ef37aade532a7964642ecd705a74794b79
Details	sha256	13	ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa
Details	sha256	8	2ca2d550e603d74dedda03156023135b38da3630cb014e3d00b1263358c5f00d
Details	sha256	4	97ebce49b14c46bebc9ec2448d00e1e397123b256e2be9eba5140688e7bc0ae6
Details	sha256	11	b9c5d4339809e0ad9a00d4d3dd26fdf44a32819a54abf846bb9b560d81391c25
Details	IPv4	1441	127.0.0.1