Resubmissions

08-12-2023 17:24

231208-vy3xqabdbn 10

07-12-2023 05:12

231207-fv5vksahg9 10

General

  • Target

    2023-12-06_4d31b2f6fbcde9725d9ca7947d7b51ae_wannacry

  • Size

    4MB

  • Sample

    231207-fv5vksahg9

  • MD5

    4d31b2f6fbcde9725d9ca7947d7b51ae

  • SHA1

    f01c41dcf7fa4f236c003ab4eec0dd7893667361

  • SHA256

    bbde4876f8b3bc61bc43783a382f0ee7264bd6ecdf385ea9c7b5a50f934ec2b6

  • SHA512

    21ad9dedd3deef932755278d7bdd873a126414e50fbd4dfd3bdeb63f5204e3e1c383716fc274ecb74d31884a83161abf303bbd11f48822a233d9c4e12aab441e

  • SSDEEP

    12288:GvbLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82:2bLgddQhfdmMSirYbcM

Malware Config

Targets

    • Target

      2023-12-06_4d31b2f6fbcde9725d9ca7947d7b51ae_wannacry

    • Size

      4MB

    • MD5

      4d31b2f6fbcde9725d9ca7947d7b51ae

    • SHA1

      f01c41dcf7fa4f236c003ab4eec0dd7893667361

    • SHA256

      bbde4876f8b3bc61bc43783a382f0ee7264bd6ecdf385ea9c7b5a50f934ec2b6

    • SHA512

      21ad9dedd3deef932755278d7bdd873a126414e50fbd4dfd3bdeb63f5204e3e1c383716fc274ecb74d31884a83161abf303bbd11f48822a233d9c4e12aab441e

    • SSDEEP

      12288:GvbLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82:2bLgddQhfdmMSirYbcM

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3304) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (3305) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks