General

  • Target

    aee6ea06bd64f629b2f5726c4060ee6ebe4137f6561fa8ceb4f16f08e326e4cd.exe

  • Size

    5.0MB

  • Sample

    221011-ejhp8sdgbq

  • MD5

    18f04f3fdcfc7974cf9d2549e515fee9

  • SHA1

    6ac10312858ff0fa47beef762552ff55810d52d6

  • SHA256

    aee6ea06bd64f629b2f5726c4060ee6ebe4137f6561fa8ceb4f16f08e326e4cd

  • SHA512

    40ec8694273d785217e27ff1ae57441cf7df94540d1927ed7e14fabd23196ff51a0b2e002b4c99466b688b1b6054965fcad756009b8b8c218a0a39d90b88292c

  • SSDEEP

    49152:XnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9PAMEc:XDqPoBhz1aRxcSUDk36SAEdhvxWa9P5

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (2707) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Network Service Scanning

2
T1046
