General
-
Target
2024-04-18_6100f40d116f5b2b343cdafa4673e0ff_wannacry
-
Size
3.6MB
-
Sample
240418-11n48shb5x
-
MD5
6100f40d116f5b2b343cdafa4673e0ff
-
SHA1
515037709e0ec5e93a764f5c1e9fdf933b66cb0e
-
SHA256
09dd3d6f5c79862d7a9cdc85a1e599c2eb4d153ae47e13c44d948451df95fa95
-
SHA512
324e2bd06465602377eec30808f7450715fd0e982029248f78df09f07f925a1f9e2e92d1d5cce5eea5338254eb467d312dff9c1233ce1b60821eeddd466b6692
-
SSDEEP
98304:iDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2Hz:iDqPe1Cxcxk3ZAEUadzR8yc4Hz
Malware Config
Targets
-
-
Target
2024-04-18_6100f40d116f5b2b343cdafa4673e0ff_wannacry
-
Size
3.6MB
-
MD5
6100f40d116f5b2b343cdafa4673e0ff
-
SHA1
515037709e0ec5e93a764f5c1e9fdf933b66cb0e
-
SHA256
09dd3d6f5c79862d7a9cdc85a1e599c2eb4d153ae47e13c44d948451df95fa95
-
SHA512
324e2bd06465602377eec30808f7450715fd0e982029248f78df09f07f925a1f9e2e92d1d5cce5eea5338254eb467d312dff9c1233ce1b60821eeddd466b6692
-
SSDEEP
98304:iDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2Hz:iDqPe1Cxcxk3ZAEUadzR8yc4Hz
Score10/10-
Modifies firewall policy service
-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3114) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Drops file in Drivers directory
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-