General

  • Target

    b350ffff6d18887c11705259b2786fdb

  • Size

    2.2MB

  • Sample

    220825-yb75psagb5

  • MD5

    b350ffff6d18887c11705259b2786fdb

  • SHA1

    84dca81c670275701f15d5494e782e68e541a67d

  • SHA256

    56dbc8907f02fb628d3e371e20ffacdd7f6fd0d765ae79e98705a48b2f34bc23

  • SHA512

    beeeccfdd54419d03b48c2e479442cca66c5898453ecc45066c82cf3a864e82040716e640a21cd07e6e7381471e8acb6eac7a759804b7e0e939b9a4b24a465d8

  • SSDEEP

    24576:QbLgurgDdmMSirYbcMNgef0QeQjGvVXmiHkQg6eX6SASk+RdhAdmvn:QnsEMSPbcBVQej9X1HkQo6SAARdhnvn

Malware Config

Targets

    • Target

      b350ffff6d18887c11705259b2786fdb

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (2897) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (1194) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Network Service Scanning

3
T1046

Tasks