General

  • Target

    0809317cf171214134b95e7fe30cfbdb4cd084b80fee2dd72e3f730815d61815

  • Size

    5.0MB

  • Sample

    240907-w3w6eaxgpm

  • MD5

    cee148b7b90b060e652b8421f8e53642

  • SHA1

    91a9909f9521610b625a73b9227390ea55e97489

  • SHA256

    0809317cf171214134b95e7fe30cfbdb4cd084b80fee2dd72e3f730815d61815

  • SHA512

    07438f66601e64249745bfbfece767f48d3ded823096d33a8ca20e02483ebdae7c1eff48a3e0b2e1b95de1c34d949c2209618b1b2e20c6f40b8b4294f872a2b5

  • SSDEEP

    98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9LG5CRxvb5aj:+DqPe1Cxcxk3ZAEUa0Ynb5

Malware Config

Targets

    • Target

      0809317cf171214134b95e7fe30cfbdb4cd084b80fee2dd72e3f730815d61815

    • Size

      5.0MB

    • MD5

      cee148b7b90b060e652b8421f8e53642

    • SHA1

      91a9909f9521610b625a73b9227390ea55e97489

    • SHA256

      0809317cf171214134b95e7fe30cfbdb4cd084b80fee2dd72e3f730815d61815

    • SHA512

      07438f66601e64249745bfbfece767f48d3ded823096d33a8ca20e02483ebdae7c1eff48a3e0b2e1b95de1c34d949c2209618b1b2e20c6f40b8b4294f872a2b5

    • SSDEEP

      98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9LG5CRxvb5aj:+DqPe1Cxcxk3ZAEUa0Ynb5

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3259) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks