Resubmissions

26-09-2024 23:37

240926-3l6f3stfmq 10

02-09-2024 23:31

240902-3h3k1s1gka 10

General

  • Target

    2024-09-02_30530f95e73bb03e52eb2554996d509a_wannacry

  • Size

    2.2MB

  • Sample

    240902-3h3k1s1gka

  • MD5

    30530f95e73bb03e52eb2554996d509a

  • SHA1

    8178d0f442b3b186f1e0da15c4524bb044cec6f4

  • SHA256

    5ef8d0008552e723697e9164c8da769099c2833a2fa795208038eb2e1982f94a

  • SHA512

    32f2acf1b2236a7b015016790d7de21d1f36e18a53817c9b4c496a7114e0312033d064e0dcb477e7281936715402e14a3b6698239b6b5991cf9b2bde3054c3ef

  • SSDEEP

    49152:QnpzMSPbcBVQej/1INgwuqzgX8knK4JKARp:QpzPoBhz1ay

Targets

    • Target

      2024-09-02_30530f95e73bb03e52eb2554996d509a_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3148) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
