General

  • Target

    2024-09-16_777c422afeed685b427fbcbb6c7b22d5_wannacry

  • Size

    3.6MB

  • Sample

    240916-d8jhdsxfjq

  • MD5

    777c422afeed685b427fbcbb6c7b22d5

  • SHA1

    1a5e1a2c5e0f1a4b8bffebcccd977bbe38b0e8d8

  • SHA256

    da4e4351bad4ab16c4774c29c22e37167f6458c547d2c681c9c88dd4b147bd22

  • SHA512

    bb1d7cf9a09f437f48b67a86b84329a9c89285a98fb771b589ee236a217deeec84d810bdcf81c5e1ac44ea82c8d75f5071e301422a41e01e3775d03230f94e0f

  • SSDEEP

    49152:XnAQA0y4YnEEeZezw2uvgyd7+KnT2becwT6DGMIBHuLZyLUcRhRt/IbmwW6LC:XDA0yKi9ywKSbevWSdOLZSPebdWOC

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large number (3211) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
