General
-
Target
2de468a78a23789fd3ae2715b08b919a
-
Size
5.0MB
-
Sample
220720-azmxnsacfr
-
MD5
2de468a78a23789fd3ae2715b08b919a
-
SHA1
b552f34a006c309706ea1d4294f7e75a078beda3
-
SHA256
6448d228f342fb138a747f8fa317b004553f36f83fdd1b200baf80b7b9d9f5da
-
SHA512
83a622c6b4c59becffa9d3306e0a24db9e840f316a4f16ceac6f2294706a987f9fd48d1827560252134e6017f81269eedc2219624e4feb50688053d0e711c529
Malware Config
Targets
-
-
Target
2de468a78a23789fd3ae2715b08b919a
-
Size
5.0MB
-
MD5
2de468a78a23789fd3ae2715b08b919a
-
SHA1
b552f34a006c309706ea1d4294f7e75a078beda3
-
SHA256
6448d228f342fb138a747f8fa317b004553f36f83fdd1b200baf80b7b9d9f5da
-
SHA512
83a622c6b4c59becffa9d3306e0a24db9e840f316a4f16ceac6f2294706a987f9fd48d1827560252134e6017f81269eedc2219624e4feb50688053d0e711c529
Score10/10-
Modifies firewall policy service
-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3202) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (991) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-