General

  • Target

    eccee37b1781f0dfceea2076d15a467adadfcecf3017a62f32fbc2d5fee94211.exe

  • Size

    2.2MB

  • Sample

    221010-e24enaaef8

  • MD5

    4aa3a61fb27345b240bf68111944ed60

  • SHA1

    564421d31093136e65482e0e33ffee4442f5c81f

  • SHA256

    eccee37b1781f0dfceea2076d15a467adadfcecf3017a62f32fbc2d5fee94211

  • SHA512

    8a01388283613e252d422a30dd1474331c8d0800a8e0f96b0d9e3315632bd039ebf0662e0fc6ce016b860f6fafb819fc27c4ce0093515107c807f45b4d674365

  • SSDEEP

    24576:QbLguripdmMSirYbcMNgef0QeQjGudhAdmvn:QnvMSPbcBVQejudhnvn

Malware Config

Targets

    • Target

      eccee37b1781f0dfceea2076d15a467adadfcecf3017a62f32fbc2d5fee94211.exe

    • Size

      2.2MB

    • MD5

      4aa3a61fb27345b240bf68111944ed60

    • SHA1

      564421d31093136e65482e0e33ffee4442f5c81f

    • SHA256

      eccee37b1781f0dfceea2076d15a467adadfcecf3017a62f32fbc2d5fee94211

    • SHA512

      8a01388283613e252d422a30dd1474331c8d0800a8e0f96b0d9e3315632bd039ebf0662e0fc6ce016b860f6fafb819fc27c4ce0093515107c807f45b4d674365

    • SSDEEP

      24576:QbLguripdmMSirYbcMNgef0QeQjGudhAdmvn:QnvMSPbcBVQejudhnvn

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3168) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (720) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Network Service Scanning

3
T1046

Tasks