General

  • Target

    20240916f8746274f24bd5fc5f8e027db7d6dc1dwannacry

  • Size

    5.0MB

  • Sample

    240916-xgngtatgql

  • MD5

    f8746274f24bd5fc5f8e027db7d6dc1d

  • SHA1

    60fc7bd99aff00083e3e362ab592fddcdae6d876

  • SHA256

    a422e1d7c39047ef91361e42bbd1637b1b82d33c74034c693f42fa187c20271a

  • SHA512

    f29ca9e94cf58ce822b322394527db1cdfaa832d72fde535946eb10b74eb16ce728e451300c9d46b4feaa77981dad5293520fc730bb16bb721df6796cb6b1d70

  • SSDEEP

    24576:QbLgdeQhfVZMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6627X6SASk+RdhAdmv:QnjQ1MSPbcBVQej/1INRp6SAARdhnv

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large number (3331) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
