General

  • Target

    202409166dd98738d86ddbc32bb2092ffbe842e4wannacry

  • Size

    5.0MB

  • Sample

    240916-wkm5sa1gmh

  • MD5

    6dd98738d86ddbc32bb2092ffbe842e4

  • SHA1

    c742f4483c81a443d19b9d1b7f1ad6a5ede5cd4e

  • SHA256

    2677c44d5e6c2a6eded55afbf3ea9833ad4d49517f168a21f6d3a2ff2db5aad9

  • SHA512

    7c81e9aa252e5a1ae46c589b623924a31ffafe8575bb45721adbfe3234fa757bde167f1d880c89f88ed2c4ac4fd4df21256ce7457c8a13490a7a86327401d4de

  • SSDEEP

    49152:QnpEKvnEEeZezw2uvgyd7+KnT2becwT6DGMIBHuLZy:Qpqi9ywKSbevWSdOLZ

Targets

    • Target

      202409166dd98738d86ddbc32bb2092ffbe842e4wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large number (2111) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Drops file in System32 directory
