Open-source atomic malware analysis

2026-02-08_796e24dcc94c7a0cf6f4f613ad72e6c2_elex_wannacry

PE
Verdict: HOSTILE
Mal-ecule
KO₁₀(Er₇DyAs₆C₃CoI₂LaPPrXe)H₈(Po₅Cm₂F₄HfOs₆U₂DbDs)Md₄(HeBi₄V)
Size 124.0 KB
First seen 54 days ago
Analyzed 54 days ago
Ecosystem _unknown

Well-known

hostile severity, 99% confident.
malware/trojan Elex WinWord WinInet dropper

Objectives

suspicious severity, 92% confident.
evasion/self-delete Batch with ping delay before deletion
notable severity, 90% confident.
discovery/process ToolHelp snapshot enumeration with process access

Micro-behaviors

suspicious severity, 94% confident.
process/create Hidden WinExec process launch
notable severity, 80% confident.
communications/http urlmon library reference
notable severity, 90% confident.
communications/ipc Peek at pipe data without reading
notable severity, 90% confident.
fs/enumerate Query volume information
notable severity, 75% confident.
fs/shell-ops Perform file operation through shell
notable severity, 85% confident.
fs/sync Modify file creation/access/write times
notable severity, 90% confident.
fs/traversal Enumerate logical drive strings
notable severity, 85% confident.
hardware/input GetKeyboardState P/Invoke string reference
notable severity, 90% confident.
os/compat WoW64 filesystem redirection control
notable severity, 80% confident.
os/group Resolve SID to account/group name
notable severity, 80% confident.
os/privilege Enable/disable privileges in access token
notable severity, 90% confident.
os/sysinfo Query disk free space
notable severity, 92% confident.
process/enumerate Dynamic Toolhelp enumeration suite
notable severity, 85% confident.
ui/window Shutdown/restart system

Metadata

notable severity, 100% confident.
hardening Writable and executable section (W^X violation)
notable severity, 100% confident.
unsigned Binary is not digitally signed
baseline severity, 100% confident.
binary Binary has low average string entropy

20 of 76 traits shown

Identity

SHA-256 c5e1719693f8f48822c7bf4b6eb7fbfbcb4b093b3b7f52edd814087a43ec07b0
Filename 2026-02-08_796e24dcc94c7a0cf6f4f613ad72e6c2_elex_wannacry

Origin

Source harvest
Feed vxug
Ecosystem _unknown

Timeline

First seen 24 Apr 2026 16:15 UTC
Last analyzed 24 Apr 2026 21:59 UTC
Last updated 24 Apr 2026 21:59 UTC

Labeling

Label bad
Label source harvest
Traits version 8bf61