General

  • Target

    2024-09-21_033d88f940d1baabe13287bee707b69e_wannacry

  • Size

    5.0MB

  • Sample

    240921-mss7bsybpm

  • MD5

    033d88f940d1baabe13287bee707b69e

  • SHA1

    b435bc1d590d5ebf7463587341f4c3669faa418e

  • SHA256

    5c26ab0ac8bcb0163532bacc9dcaefad8eabcde54096c077ff5106d540d1e711

  • SHA512

    939ed8db4259ead0c61e32e7e121a57a744d523538669798c2fcd86588dddbaca7e501845ced5a5734ada5cbf673e2412930e4b4cf5f24e5cc3404a21acb9558

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAKAMEcaEaue5c/bXZROAx:yDqPoBhz1aRxcSUDk36SAZ59Uc/J

Targets

    • Target

      2024-09-21_033d88f940d1baabe13287bee707b69e_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3318) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
