Exploit.Win32.MS17-010

Detect Date 05/05/2017
Class Exploit
Platform Win32
Description

Malware of this family consists of malicious objects that exploit a vulnerability in the SMB protocol implemented in Windows. This malware is more commonly known as EternalBlue. If an attack succeeds, the attacker gains the ability to execute some code as the “system” user.

Geographical distribution of attacks by Exploit.Win32.MS17-010 family

Geographical distribution of attacks during the period from 1 January 2019 to 24 March 2019

Top 10 countries with most attacked users (% of total attacks)

  Country Percentage of users*
1 Russian Federation 18.14
2 Vietnam 17.44
3 Iran 10.28
4 China 8.76
5 Indonesia 7.37
6 Bangladesh 5.63
7 India 5.59
8 Turkey 3.19
9 Thailand 2.68
10 Egypt 2.22

* Percentage of all unique Kaspersky users worldwide who have been attacked by this malware