General

  • Target

    cb786af89c07fff1d3250b0030f29c5c

  • Size

    5.0MB

  • Sample

    220720-h68rqadeen

  • MD5

    cb786af89c07fff1d3250b0030f29c5c

  • SHA1

    e2ba6d791953193344b3a13a6a47ec559e2f38fa

  • SHA256

    27bc983f99238813802cea064380d6832f631243cf581eeee4c5917a89f87373

  • SHA512

    6058eac463d8c67e388c0f190a88f3b37218440f07a3ab25cf1482b38b606ca390effd4a98009f38836631e937900a006ca4d30bf260e2eb719ea48a67a60a29

Targets

    • Target

      cb786af89c07fff1d3250b0030f29c5c

    • WannaCry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3099) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (1253) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
