General

  • Target

    20240910c93db2f47557d0b85e52399288cd710bwannacry

  • Size

    5.0MB

  • Sample

    240910-r6fwdaycqp

  • MD5

    c93db2f47557d0b85e52399288cd710b

  • SHA1

    34a17cc33db13d7ef60e09b64fa45ad4bfe113a8

  • SHA256

    f36cd461618c48c8d8cf629f108088dab4d81228b942e9a155aed0442aeb72f5

  • SHA512

    15268c011bbac94c522f32aac0082ba131a21199e8612a7446b443fff335bc0c6e9f20c6f1eaff6292b60961286cfd564fd9933e169ba71d019ece3ef3a804e0

  • SSDEEP

    98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9LG5CRxvb5aj:yDqPe1Cxcxk3ZAEUa0Ynb5

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3330) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
