General

  • Target

    a903d75b894efefc834cff35afc6d429fa3929a2ef8b801889a906cb3d210139

  • Size

    5.0MB

  • Sample

    240915-a1m9tswelj

  • MD5

    43295328bbda9562e1f06bf87f75c0e3

  • SHA1

    93f34f8dcdf8029f71bc2882055fbd8e9355abe7

  • SHA256

    a903d75b894efefc834cff35afc6d429fa3929a2ef8b801889a906cb3d210139

  • SHA512

    9f61e5403b0b05bcd7d615fb0fc0d56c1c28df464e2babf814878d862c973ff5be70cb6f853c27a837e3974f7be9589b570285adbf245046f3407608e70b64e7

  • SSDEEP

    24576:RbLgdeQhfVZMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6627X6SASk+RdhAdmv:RnjQ1MSPbcBVQej/1INRp6SAARdhnv

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3282) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
