General

  • Target

    5d182a7073c5fe63ca1bf69ff4d625c9

  • Size

    3.6MB

  • Sample

    220825-x76q3shgfr

  • MD5

    5d182a7073c5fe63ca1bf69ff4d625c9

  • SHA1

    da6940ff164aab6ff53c32ced524b4947af471f6

  • SHA256

    5bb9799a6bd0247ab0991a5c9ff3d07701b5eae340438363602ee33296552343

  • SHA512

    8f4f450387f7ef32600e13bce1fb77d00911a94e02fa3427796fb00d5b7ea71d24a0094b18a926f121fc1aa5bb667eaae6e0aa02ea14755ae4e72add4df8b64b

  • SSDEEP

    24576:2bLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoH3:2nAQqMSPbcBVQej/1

Malware Config

Targets

    • Target

      5d182a7073c5fe63ca1bf69ff4d625c9

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (2042) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (1281) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Network Service Scanning (T1046): 2

Tasks