General

  • Target

    71e07c835a6d82dc921d9e90c8b036a2

  • Size

    6MB

  • Sample

    220908-ym8wdacghl

  • MD5

    71e07c835a6d82dc921d9e90c8b036a2

  • SHA1

    3ac79478c87e9b59b6eedec22ca8c97546b04e58

  • SHA256

    450fae63b82d54150b7c939890cde5391d0512195e465463196335031a92b75e

  • SHA512

    e07ed4535989425924ddd10def2d90a75c4c47872eff655b6a51d3f4cf276b63e786935c887f9061c17929832e842d9647443c5f9870a74d6bfd0379a2042f79

Malware Config

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Matrix

  • Collection

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Discovery

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Persistence

  • Privilege Escalation