It comes from SMBv1 vulnerability in all Windows versions which allows to remotely execute malicious code.
Guys, if you still have not patched your Windows, you should do this now. The WannaCry ransomware is still active. New variant of WannaCry ransomware is able to infect 3,600 computers per hour - https://malwareless.com/new-variant-wannacry-ransomware-able-infect-3600-computers-per-hour/. If your computer is infected with this virus, don't pay the ransom - many people who have paid Bitcoins don't receive the decryptor. All top security companies are currently working to develop a decryption solution