General

  • Target

    2024-09-16_abfd7d9beaf00b29d60045f939e7ec91_wannacry

  • Size

    5.0MB

  • Sample

    240916-tm3l5sxajf

  • MD5

    abfd7d9beaf00b29d60045f939e7ec91

  • SHA1

    c5bd2441b0a445900a019fc8539eb4a8864deb3d

  • SHA256

    1bdf42d7dce56659bfe35b6170ae820bed203c205cbe67cfd374c6aaee2df984

  • SHA512

    d7e3459a4259d66f6890763058cf0ba536d19c365d1b950f0dad6d5582417cd4d615b92df5e86bb7d7c8a46af424dc22fd478f6f2b838d554864358f00494fa4

  • SSDEEP

    24576:QbLguriBJMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626M+vbOSSqTPVX:QnGMSPbcBVQej/1INRx+TSqTdX

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3126) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
