General

  • Target

    2024-09-20_4b5b3a6239ff958bbe2e079e8b58fa79_wannacry

  • Size

    5.0MB

  • Sample

    240920-jksn2swdjq

  • MD5

    4b5b3a6239ff958bbe2e079e8b58fa79

  • SHA1

    485f88b1142030cf91052780a9168c31c0db32c5

  • SHA256

    ef0e79c89cb69a5cc56d396137ca9d817a89bf08cb8d940d94d58a2423c5dbbf

  • SHA512

    1a6da2434266820527b33e9bff54f541c85cf322dfb647da0039d6e2f7ed2e419cbba8b016fd2c95d62638b54799a03010cb1606bdb0c62e0e42ec0b22623bda

  • SSDEEP

    98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9P5IR8yAVp2H:yDqPe1Cxcxk3ZAEUadyR8yc4H

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3234) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
