General
-
Target
3df6e06d7f6270903dda0e9e0da7ff6e
-
Size
5.0MB
-
Sample
220908-ym3z5acghk
-
MD5
3df6e06d7f6270903dda0e9e0da7ff6e
-
SHA1
29dcb3b3b9f9e5f6679ba6fa32531d4d92f567fb
-
SHA256
51c5225c4bf368296754697e310f1583300b5e85748be40dca5ff5647df4f8dc
-
SHA512
0cf97a1361b5b73569c4497958091b298c2c29c85ad734078165fbe0cb86c9776bd33463dbd7ecda8d147544d771b1ca6b8751bfc8135cb70eb257f211de3e94
-
SSDEEP
49152:snjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SA:M8qPoBhz1aRxcSUDk36SA
Malware Config
Targets
-
-
Target
3df6e06d7f6270903dda0e9e0da7ff6e
-
Size
5.0MB
-
MD5
3df6e06d7f6270903dda0e9e0da7ff6e
-
SHA1
29dcb3b3b9f9e5f6679ba6fa32531d4d92f567fb
-
SHA256
51c5225c4bf368296754697e310f1583300b5e85748be40dca5ff5647df4f8dc
-
SHA512
0cf97a1361b5b73569c4497958091b298c2c29c85ad734078165fbe0cb86c9776bd33463dbd7ecda8d147544d771b1ca6b8751bfc8135cb70eb257f211de3e94
-
SSDEEP
49152:snjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SA:M8qPoBhz1aRxcSUDk36SA
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3301) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1270) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-