General

  • Target

    2024-09-15_439e0fef74a091962ec69c04a729e76f_wannacry

  • Size

    2.2MB

  • Sample

    240915-wz9x4axbjr

  • MD5

    439e0fef74a091962ec69c04a729e76f

  • SHA1

    d5bf6cbfbc32869d1eeab81d6978b87ab0e8fd75

  • SHA256

    9e18c2f969e23d345abc5007689cbe18fac1d8d1333466055a503d0b746e72bb

  • SHA512

    31bab114966e6673b7bffd23050bfe7a39ea239a1445bb93f3d0d65cbbcddc622b2546de80db5841902c3b7f2aa737db0c0251f89f6d6ff7195ab7a6c83483dc

  • SSDEEP

    24576:QbLgurihdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz66:QnnMSPbcBVQej/1INR

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3180) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
