General

  • Target

    a504254a323db2fc3b9c89143fcdd132

  • Size

    3.6MB

  • Sample

    220906-1bzjnsfehl

  • MD5

    a504254a323db2fc3b9c89143fcdd132

  • SHA1

    eae88b42584f89af695445e0a0cac11a593cd30c

  • SHA256

    d3bee84270c494d9ebeb7409d1b7b12868ec6409ac2acd355909f2aff1d9e0ce

  • SHA512

    e7fca282a5cfc67afccc99a8918fd80465d8882472db308970ca6488a73f3369f6976877eaf204d90806fd16441b9e069bed99c6c54bfc732f0938ace60ca145

  • SSDEEP

    24576:2bLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLK6+vbOSSqTPVXHASk+K:2nAQqMSPbcBVQej/1INx+TSqTdXHAA

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3102) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (1255) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

Network Service Scanning

3
T1046
