General

  • Target

    202409152222cb3a0e552fbb61c9c3b39250369cwannacry

  • Size

    5.0MB

  • Sample

    240915-qarsbsvbme

  • MD5

    2222cb3a0e552fbb61c9c3b39250369c

  • SHA1

    d75b257dcfd8f5e503507b60b68293ae5f46859f

  • SHA256

    cdeb5b8d9d85085c2458674e90a545e3f3fe0a8c83b29b105393e20ea466c00d

  • SHA512

    97f71534d62b528cdd42ce8962d2c6424f0e3e53758a112f326bf081462901706b6a816170cea29768523ec0d6abbbf31497d7092dd59cab061812365e346a90

  • SSDEEP

    12288:GvbLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+DHeQYSUjEXFr:2bLgddQhfdmMSirYbcMNgef0QeQjG

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3099) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
