General

  • Target

    20240916b26caef432198e5964bde9c257d4d3d6wannacry

  • Size

    5.0MB

  • Sample

    240916-wtr54ascqe

  • MD5

    b26caef432198e5964bde9c257d4d3d6

  • SHA1

    cb2eed5b768dd29934669512c2c0d39d98a22dde

  • SHA256

    fecad50600eb868939150e598482c150146fb80d2801569a4025a45c4b16072e

  • SHA512

    436c9470f800ec17bb6bf576eede42896fc83b3799cef2a4132a6be2183ffc13ffb2cd8dd423d9664e27fa561fe4d255b0820961f3605e8755893cc4f9e431e1

  • SSDEEP

    24576:QbLgddQhfdmMSirYbcMNgef0QeQjG/D8kI5miHkQg6eX6SASk+R:QnAQqMSPbcBVQej/m1HkQo6SAAR

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3223) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
