General

  • Target

    WannaCry Plus ransomware.zip

  • Size

    2.3MB

  • Sample

    240910-z3vt5axala

  • MD5

    5641d280a62b66943bf2d05a72a972c7

  • SHA1

    c857f1162c316a25eeff6116e249a97b59538585

  • SHA256

    ab14c3f5741c06ad40632447b2fc10662d151afb32066a507aab4ec866ffd488

  • SHA512

    0633bc32fa6d31b4c6f04171002ad5da6bb83571b9766e5c8d81002037b4bc96e86eb059d35cf5ce17a1a75767461ba5ac0a89267c3d0e5ce165719ca2af1752

  • SSDEEP

    49152:9mqR0GTCRh8C9PYUYwm79evoBD2HSypKLZ5u/KU940CwmWtSQX5ddmL6T:RA8GY3b9ev62yypKLlUVCpSSQX5ddmeT

Malware Config

Targets

    • Target

      Win32.Wannacry.exe

    • Size

      5.0MB

    • MD5

      30fe2f9a048d7a734c8d9233f64810ba

    • SHA1

      2027a053de21bd5c783c3f823ed1d36966780ed4

    • SHA256

      55504677f82981962d85495231695d3a92aa0b31ec35a957bd9cbbef618658e3

    • SHA512

      b657b02506f768db3255293b0c86452b4dfdd30804629c323aaa9510a3b637b0906e5963179ef7d4aaedc14646f2be2b4292e6584a6c55c6ddb596cff7f20e2a

    • SSDEEP

      49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:+DqPoBhz1aRxcSUDk36SAEdhvxWa9

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks