Purpose: This study aims to analyze the WannaCry ransomware using Kali Linux and the Common Access Platform Assistant (CAPA) method to provide a deeper understanding of the malware's attack tactics, capabilities, and behaviors. Methods/Study design/approach: The research was conducted by installing CAPA version 7.4.0 downloaded from GitHub, followed by file extraction and access permission configuration. The WannaCry malware was obtained from the "thezoo" repository on GitHub, extracted, and analyzed using CAPA commands in the Linux terminal. The analysis results were presented in tables showing the malware's tactics, techniques, and behaviors. Result/Findings: The analysis revealed that CAPA effectively identified various tactics and techniques used by WannaCry, confirming its classification as malware. Validation through antivirus services indicated that 68 out of 72 services flagged the file as malicious, emphasizing the importance of robust cybersecurity measures. Novelty/Originality/Value: This study offers new insights into the working mechanisms of WannaCry ransomware and highlights the effectiveness of the CAPA method in malware analysis. The findings contribute to a better understanding of cybersecurity threats and provide valuable information for professionals in the field to enhance defense strategies against malware.

Asaad, R. R. (2021). Penetration testing: Wireless network attacks method on Kali Linux OS. Academic Journal of Nawroz University, 10(1), 7–12.

Konecka, S., Bentyn, Z. (2024). Cyberattacks as Threats in Supply Chains. European Research Studies Journal. (27) 3 : 778-796

Pandey, A. K., et al. (2020). Trends in malware attacks: Identification and mitigation strategies. In Critical Concepts, Standards, and Techniques in Cyber Forensics (pp. 47–60). IGI Global.

Wijaya, A. H., & Fitrani, A. S. (2019). Wannacry identification for computer data security. JICTE (Journal of Information and Computer Technology Education), 3(1), 22–28.