General

  • Target

    2024-09-15_c2518e860b9fe614dd7a0d4ebaf1eda2_wannacry

  • Size

    5.0MB

  • Sample

    240915-ll3lraxfmk

  • MD5

    c2518e860b9fe614dd7a0d4ebaf1eda2

  • SHA1

    d9be161a6fb4b79f10ceafe30109a2599dbf75d0

  • SHA256

    c2d6eb0a76b139b02342c1d5d75c1b744afef9052777425800bc90d1462b4f47

  • SHA512

    042ab2d148e9c08bfa21e79698229ad1e609d6a9c27873dff91d03b1c8b091d56f4baa715489bd9212abc7e530fc7e12d1924fa75744abca4085c36e789bbd5f

  • SSDEEP

    49152:XnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnv:XDqPoBhz1aRxcSUDk36SAEdhv

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large number (3176) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
