General

  • Target

    2024-09-15_00d251d4a994f6737d40e1bb75881909_wannacry

  • Size

    2.2MB

  • Sample

    240915-2zh29sxdrm

  • MD5

    00d251d4a994f6737d40e1bb75881909

  • SHA1

    f8f7c6179d50470db38b0e6d1ff9058cb6985c31

  • SHA256

    a1cad552712cd85c7f0388173df25befb0dc56e4535442fe3d1ea607c02c29e5

  • SHA512

    b9dbd119020817a91fecdb1c342400c3304010157e9f586d31340727ac971442ff6f097dcbab29b8314c258716af61ade7c22bd0ec4ce10961a42f35ca04426f

  • SSDEEP

    49152:QnUMSRacBVQej/1INRx+TSqTdX1HkQo6SAARdhnvn:QURfBhz1aRxcSUDk36SAEdhvn

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3227) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
