The dynamic analysis of WannaCry ransomware

摘要

The global ransomware cyberattacks cripples the national hospital system across the United Kingdom, and causes waves of appointments and operations to be cancelled. Similar attacking methods have come to sweep over the world. Such trend of highprofile cyberattack sheds the lights on rapid defence through the malware information sharing platform. A complete malware analysis process is quite a time-consuming campaign. The dynamic analysis of WannaCry ransomware explores behavioural indicators and extracts important IOCs (Indicators of Compromise). Utilizing Yara tool to create customized patterns is useful for malware information sharing mechanism. Also, such mechanism help reduce time and human resource spent on detecting or finding similar malware families. We aim to generate effective cyber threat intelligence by formulating collected IOCs into structured formations. The positive effects show on immediate defensive response to security breaches, and meanwhile the integrated information security protection is consolidated.