Open-source atomic malware analysis

2026-02-08_840f7008f6786049b75c79f0edeb97eb_elex_wannacry

PE
Verdict: HOSTILE
Mal-ecule
KO₁₀(Er₇DyAs₆C₃CoI₂LaPPrXe)H₈(Po₅Cm₂F₄HfOs₆U₂DbDs)Md₄(HeBi₄V)
Size 124.0 KB
First seen 54 days ago
Analyzed 54 days ago
Ecosystem _unknown

Well-known

hostile severity, 99% confident.
malware/trojan Elex WinWord WinInet dropper

Objectives

suspicious severity, 92% confident.
evasion/self-delete Batch with ping delay before deletion
notable severity, 90% confident.
discovery/process ToolHelp snapshot enumeration with process access

Micro-behaviors

suspicious severity, 94% confident.
process/create Hidden WinExec process launch
notable severity, 80% confident.
communications/http urlmon library reference
notable severity, 90% confident.
communications/ipc Peek at pipe data without reading
notable severity, 90% confident.
fs/enumerate Query volume information
notable severity, 75% confident.
fs/shell-ops Perform file operation through shell
notable severity, 85% confident.
fs/sync Modify file creation/access/write times
notable severity, 90% confident.
fs/traversal Enumerate logical drive strings
notable severity, 85% confident.
hardware/input GetKeyboardState P/Invoke string reference
notable severity, 90% confident.
os/compat WoW64 filesystem redirection control
notable severity, 80% confident.
os/group Resolve SID to account/group name
notable severity, 80% confident.
os/privilege GetTokenInformation API
notable severity, 90% confident.
os/sysinfo Query disk free space
notable severity, 92% confident.
process/enumerate Dynamic Toolhelp enumeration suite
notable severity, 85% confident.
ui/window Shutdown/restart system

Metadata

notable severity, 100% confident.
hardening Writable and executable section (W^X violation)
notable severity, 100% confident.
unsigned Binary is not digitally signed
baseline severity, 100% confident.
binary Binary has low average complexity

20 of 76 traits shown

Identity

SHA-256 6d2048106c70049dfa0214505eb581150dca441d049d9498680990c4a3e3638d
Filename 2026-02-08_840f7008f6786049b75c79f0edeb97eb_elex_wannacry

Origin

Source harvest
Feed vxug
Ecosystem _unknown

Timeline

First seen 24 Apr 2026 16:15 UTC
Last analyzed 24 Apr 2026 19:36 UTC
Last updated 24 Apr 2026 19:36 UTC

Labeling

Label bad
Label source harvest
Traits version 8bf61