General

  • Target

    e882b21729ff015a0b99b723b459f28e

  • Size

    5.0MB

  • Sample

    220720-h3s7vsdad4

  • MD5

    e882b21729ff015a0b99b723b459f28e

  • SHA1

    ea09f019de9cbd8c1b06e405e4724232ffd4b5f9

  • SHA256

    e3ffc8cc1a73e81b27acf78c3077e753992173aea73dd8b0dc7313f5711f1fd2

  • SHA512

    54ef074d8de3c6435889ad9ca53b297631fd3a67164c758639661a60fc1fcfc468fca2f21478d2c8ad2a8997c35a21d306eb2de8631564601c937e2da71d54b7

Malware Config

Targets

    • Target

      e882b21729ff015a0b99b723b459f28e

    • Size

      5.0MB

    • MD5

      e882b21729ff015a0b99b723b459f28e

    • SHA1

      ea09f019de9cbd8c1b06e405e4724232ffd4b5f9

    • SHA256

      e3ffc8cc1a73e81b27acf78c3077e753992173aea73dd8b0dc7313f5711f1fd2

    • SHA512

      54ef074d8de3c6435889ad9ca53b297631fd3a67164c758639661a60fc1fcfc468fca2f21478d2c8ad2a8997c35a21d306eb2de8631564601c937e2da71d54b7

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3178) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (1265) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks