General

  • Target

    2024-09-12_39869e214743278b37e59b6871299a14_wannacry

  • Size

    5.0MB

  • Sample

    240912-tja3qasgqr

  • MD5

    39869e214743278b37e59b6871299a14

  • SHA1

    49db833e05f3182a379ace160c2d7fdc74f892a6

  • SHA256

    77fec8e220b0956e1e4e3bfe974996da97c4f29e6ec46e66549c844836c8b5a0

  • SHA512

    f5cc65a145eff3a484ea6ef2ac244e841051ae2b9a7300629da03ee14464b766b5e538ba51c3b9e027cf837dfeeb8682ce963601fa1a3b66558c2f733657e1b9

  • SSDEEP

    49152:QnxQqMSPbcBVQej/1INRx+TSqTdX1HkQo6:Q6qPoBhz1aRxcSUDk36

Malware Config

Targets

    • Target

      2024-09-12_39869e214743278b37e59b6871299a14_wannacry

    • Size

      5.0MB

    • MD5

      39869e214743278b37e59b6871299a14

    • SHA1

      49db833e05f3182a379ace160c2d7fdc74f892a6

    • SHA256

      77fec8e220b0956e1e4e3bfe974996da97c4f29e6ec46e66549c844836c8b5a0

    • SHA512

      f5cc65a145eff3a484ea6ef2ac244e841051ae2b9a7300629da03ee14464b766b5e538ba51c3b9e027cf837dfeeb8682ce963601fa1a3b66558c2f733657e1b9

    • SSDEEP

      49152:QnxQqMSPbcBVQej/1INRx+TSqTdX1HkQo6:Q6qPoBhz1aRxcSUDk36

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (2149) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks