General

  • Target

    91509814067b491a8d8fda0bca9858a1

  • Size

    5.0MB

  • Sample

    220720-h5htxadedm

  • MD5

    91509814067b491a8d8fda0bca9858a1

  • SHA1

    bc018e1cf45f9e52401b4cefc88535324ed5016e

  • SHA256

    a9fc53415ca9e17326100de8615e566cf632831a1c7e8df70399e0ee6551b333

  • SHA512

    02145dfc158b9ccf6f3bb3ec680a37969ea45e2ad45863d71de089807d1d250747aa5288f6eb71880dd9b38cc634ddb3dd48195839ecf458eb900aa75dc7800c

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3345) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (1284) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
