General

  • Target

    2024-09-21_a7c2bf4a360d6aa8e4cefedff7fc3ad9_wannacry

  • Size

    3.6MB

  • Sample

    240921-fd4k7awbkk

  • MD5

    a7c2bf4a360d6aa8e4cefedff7fc3ad9

  • SHA1

    0fef054bd876bbe37d88da52141400d27db68ba2

  • SHA256

    7052200e313acee91bf663c8c59dd794f962935573da69a4c472373f1071ffa9

  • SHA512

    bc85f5c65bc666f0c18d189c513dd0159b309f64ea6b1cd47ce65e8e839486f60da8557534b43fa9d160672f9e5a3d665373bb39bcbee1d967dc05f6c9af3763

  • SSDEEP

    49152:XnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnv7Pf:X8qPoBhz1aRxcSUDk36SAEdhv7Pf

Targets

    • Target

      2024-09-21_a7c2bf4a360d6aa8e4cefedff7fc3ad9_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3233) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
