test_scratch
/
cti-ATT-CK-v13.1
/ics-attack
/malware
/malware--75ecdbf1-c2bb-4afc-a3f9-c8da4de8c661.json
| { | |
| "type": "bundle", | |
| "id": "bundle--d7eda39f-af96-4ca3-9037-aab5ba71dbd6", | |
| "spec_version": "2.0", | |
| "objects": [ | |
| { | |
| "modified": "2023-03-08T22:20:20.868Z", | |
| "name": "WannaCry", | |
| "description": "[WannaCry](https://attack.mitre.org/software/S0366) is ransomware that was first seen in a global attack during May 2017, which affected more than 150 countries. It contains worm-like features to spread itself across a computer network using the SMBv1 exploit EternalBlue.(Citation: LogRhythm WannaCry)(Citation: US-CERT WannaCry 2017)(Citation: Washington Post WannaCry 2017)(Citation: FireEye WannaCry 2017)", | |
| "x_mitre_platforms": [ | |
| "Windows" | |
| ], | |
| "x_mitre_deprecated": false, | |
| "x_mitre_domains": [ | |
| "enterprise-attack", | |
| "ics-attack" | |
| ], | |
| "x_mitre_version": "1.1", | |
| "x_mitre_contributors": [ | |
| "Jan Miller, CrowdStrike" | |
| ], | |
| "x_mitre_aliases": [ | |
| "WannaCry", | |
| "WanaCry", | |
| "WanaCrypt", | |
| "WanaCrypt0r", | |
| "WCry" | |
| ], | |
| "type": "malware", | |
| "id": "malware--75ecdbf1-c2bb-4afc-a3f9-c8da4de8c661", | |
| "created": "2019-03-25T17:30:17.004Z", | |
| "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", | |
| "revoked": false, | |
| "external_references": [ | |
| { | |
| "source_name": "mitre-attack", | |
| "url": "https://attack.mitre.org/software/S0366", | |
| "external_id": "S0366" | |
| }, | |
| { | |
| "source_name": "WanaCrypt0r", | |
| "description": "(Citation: LogRhythm WannaCry)" | |
| }, | |
| { | |
| "source_name": "WCry", | |
| "description": "(Citation: LogRhythm WannaCry)(Citation: SecureWorks WannaCry Analysis)" | |
| }, | |
| { | |
| "source_name": "WanaCry", | |
| "description": "(Citation: SecureWorks WannaCry Analysis)" | |
| }, | |
| { | |
| "source_name": "WanaCrypt", | |
| "description": "(Citation: SecureWorks WannaCry Analysis)" | |
| }, | |
| { | |
| "source_name": "FireEye WannaCry 2017", | |
| "description": "Berry, A., Homan, J., and Eitzman, R. (2017, May 23). WannaCry Malware Profile. Retrieved March 15, 2019.", | |
| "url": "https://www.fireeye.com/blog/threat-research/2017/05/wannacry-malware-profile.html" | |
| }, | |
| { | |
| "source_name": "SecureWorks WannaCry Analysis", | |
| "description": "Counter Threat Unit Research Team. (2017, May 18). WCry Ransomware Analysis. Retrieved March 26, 2019.", | |
| "url": "https://www.secureworks.com/research/wcry-ransomware-analysis" | |
| }, | |
| { | |
| "source_name": "Washington Post WannaCry 2017", | |
| "description": "Dwoskin, E. and Adam, K. (2017, May 14). More than 150 countries affected by massive cyberattack, Europol says. Retrieved March 25, 2019.", | |
| "url": "https://www.washingtonpost.com/business/economy/more-than-150-countries-affected-by-massive-cyberattack-europol-says/2017/05/14/5091465e-3899-11e7-9e48-c4f199710b69_story.html?utm_term=.7fa16b41cad4" | |
| }, | |
| { | |
| "source_name": "LogRhythm WannaCry", | |
| "description": "Noerenberg, E., Costis, A., and Quist, N. (2017, May 16). A Technical Analysis of WannaCry Ransomware. Retrieved March 25, 2019.", | |
| "url": "https://logrhythm.com/blog/a-technical-analysis-of-wannacry-ransomware/" | |
| }, | |
| { | |
| "source_name": "US-CERT WannaCry 2017", | |
| "description": "US-CERT. (2017, May 12). Alert (TA17-132A): Indicators Associated With WannaCry Ransomware. Retrieved March 25, 2019.", | |
| "url": "https://www.us-cert.gov/ncas/alerts/TA17-132A" | |
| } | |
| ], | |
| "object_marking_refs": [ | |
| "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" | |
| ], | |
| "labels": [ | |
| "malware" | |
| ], | |
| "x_mitre_attack_spec_version": "3.1.0", | |
| "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5" | |
| } | |
| ] | |
| } |