General

  • Target

    2024-02-20_86bcc39593a15f686ff3b992c7fccd6c_wannacry

  • Size

    5.0MB

  • Sample

    240220-pxfsxaha22

  • MD5

    86bcc39593a15f686ff3b992c7fccd6c

  • SHA1

    0439fb3ec7ea9ac2a7e146fbd2940718a3ac2033

  • SHA256

    096435c8d44195a289dae272484a9cf5931add85bee516313035bd51e2ec3800

  • SHA512

    e20cfbc73403d38e1309edadbfbbcbfb354a22f650ee6c687121674d5c88e18e0fa419d96d36c5f6c56600425d57b2858355ccd437513b4bf57334fd884c6e53

  • SSDEEP

    49152:QnnMSPbcBVQej/0NRx+TSqTdX1HkQo6SAAmhnv:QnPoBhzGRxcSUDk36SAThv

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (2905) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
