General

  • Target

    089e816e66895ac15d52d1c837e7305c

  • Size

    5.0MB

  • Sample

    240321-nlvx1sad46

  • MD5

    089e816e66895ac15d52d1c837e7305c

  • SHA1

    233fe26bda1cd27e86d466cf50ecedf4c8744824

  • SHA256

    f3851a9e7415add84b677622f716c8f1e0346d2456a7ecd6cc5286ebda62694e

  • SHA512

    447153fd409291745830359137165a7d10ad02afc4c33cbafc9527daec433e529c467fce31b1807a267ce07728f6a2614bf4ce4af341f84d81fecca69505ce7a

  • SSDEEP

    49152:RnpEKUv9wC7+VQej/1INRx+TSqTdX1HkQ:1pyv+Fhz1aRxcSUDk

Targets

    • Target

      089e816e66895ac15d52d1c837e7305c

    • Size

      5.0MB

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3285) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
