General

  • Target

    eed86ba53d4d84ceef045203667f3a4a4636948c36d4bb45ba8de5d69bf87778.exe

  • Size

    4MB

  • Sample

    231205-v9m1msdh87

  • MD5

    58a71165053c76d81f99b3d46d4739a2

  • SHA1

    7ed53c7f2c2628e576ee2436d3493aaa7d371265

  • SHA256

    eed86ba53d4d84ceef045203667f3a4a4636948c36d4bb45ba8de5d69bf87778

  • SHA512

    4b43646a9590b5e5c95daae4b71f6e5c676d69461bd209b8b6c0cdf41c196921df0b57438f27f242918f85f4d68d642d213a6da910542e686ce7238f1c97608e

  • SSDEEP

    98304:yDqPoB2SUDk36SAEdhvxWa9P593R8yAVp2H:yDqPDxk3ZAEUadzR8yc4H

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3105) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (3196) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
