General

  • Target

    1cb50db0322692be5612fed491a58fc79e87a0434603db2f108ddd1153a61bdc

  • Size

    3.6MB

  • Sample

    221010-sc8jzacean

  • MD5

    be1958914284592f775bc245b5bf0b3f

  • SHA1

    c9fa74053e26ff5902e9ba459703820d0a03e540

  • SHA256

    1cb50db0322692be5612fed491a58fc79e87a0434603db2f108ddd1153a61bdc

  • SHA512

    c0ec0373bf670f99968368d1cc582bb74c103f21c3b347102e08910e0b673a36bf1f1e8c24b2f3f6583ab8d2faa2803a7f62d14c510512c5aec245c4211058d6

  • SSDEEP

    24576:XbLgddQhfdmMSirYbYagd/2D6O5RTHo12gv5kC:XnAQqMSPbYz+DW1Jv5

Malware Config

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3149) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (1281) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

Network Service Scanning

3
T1046
