General

  • Target

    2024-09-16_d25a3c81cdb9b7972fde51b2ff93ccd3_wannacry

  • Size

    5.0MB

  • Sample

    240916-st7n1avepr

  • MD5

    d25a3c81cdb9b7972fde51b2ff93ccd3

  • SHA1

    7d0aa14c366564a725a4b3db2f4a067f520eb677

  • SHA256

    e08196cd380b029fd59ac93b3da3d2a495579c23420026e0fc44c0ebbd8cfbf0

  • SHA512

    d5051b563418b4b017669466be61106ea204b003711d34847c8d5820c693340e4039c5e035a64ed8e50ff41dade0b6c9e97be7c071d8931378766e47004acd06

  • SSDEEP

    49152:QnsQqMSPbcBVTx+TSqTdX1HkQo6SAARdhnv:Q/qPoBVxcSUDk36SAEdhv

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3117) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
