Resubmissions

23-02-2023 18:39

230223-xazw9sgh45 10

19-02-2023 04:44

230219-fctplaeg27 10

General

  • Target

    2023-02-19_7f97b34a113170d02ff8008c2bbc7745_wannacry.exe

  • Size

    6.0MB

  • Sample

    230219-fctplaeg27

  • MD5

    7f97b34a113170d02ff8008c2bbc7745

  • SHA1

    fe00b8cfc0896d6d23ff3628af8c406a7683d707

  • SHA256

    6df64a0a921bd65006968d7eb146f7ceb60ffc1345575d39edec0eded41eb4fe

  • SHA512

    a899eb8481c02d0c983c7761ca9962ffdea22354cdef6cefeadbdf0ac96d43a54c02ea72e89b8b5c2bdefed38ecdd960a8d267e3fc15545286844baf40ac9e93

  • SSDEEP

    49152:LwLwHt4Ihqew+96PoBjYs5ngToDEZwTFgN+1TtI1VjFF3PBTqJQkYUjeAb3WUpPb:L9fhqezRobVjFyEUqA6Sp+ZIogCxfwis

Malware Config

Targets

    • Target

      2023-02-19_7f97b34a113170d02ff8008c2bbc7745_wannacry.exe

    • Size

      6.0MB

    • MD5

      7f97b34a113170d02ff8008c2bbc7745

    • SHA1

      fe00b8cfc0896d6d23ff3628af8c406a7683d707

    • SHA256

      6df64a0a921bd65006968d7eb146f7ceb60ffc1345575d39edec0eded41eb4fe

    • SHA512

      a899eb8481c02d0c983c7761ca9962ffdea22354cdef6cefeadbdf0ac96d43a54c02ea72e89b8b5c2bdefed38ecdd960a8d267e3fc15545286844baf40ac9e93

    • SSDEEP

      49152:LwLwHt4Ihqew+96PoBjYs5ngToDEZwTFgN+1TtI1VjFF3PBTqJQkYUjeAb3WUpPb:L9fhqezRobVjFyEUqA6Sp+ZIogCxfwis

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.