General

  • Target

    2024-09-21_225f3606ab5b8673ff0e164ca787e3f7_wannacry

  • Size

    5.0MB

  • Sample

    240921-mt4z8ayckq

  • MD5

    225f3606ab5b8673ff0e164ca787e3f7

  • SHA1

    b8fb3bfcd6a3f8dd642320d3800eae3a85fca429

  • SHA256

    30c346f447a35817cd319e6f3aa7b9c5f9effa39655fde07c5e297d73ca2c59d

  • SHA512

    96cb8b0f00ea053db58bfa9604d381e23b8c12848cddb93b18448204a1497df90a663991646dcfd27b026f5587ac874534ce2c087ceb8ae32da24ae6c8172814

  • SSDEEP

    49152:2nAQqMSPbcBVQej/OANR2Qo6SAARdhnv:yDqPoBhzOyR236SAEdhv

Malware Config

Targets

    • Target

      2024-09-21_225f3606ab5b8673ff0e164ca787e3f7_wannacry

    • Size

      5.0MB

    • MD5

      225f3606ab5b8673ff0e164ca787e3f7

    • SHA1

      b8fb3bfcd6a3f8dd642320d3800eae3a85fca429

    • SHA256

      30c346f447a35817cd319e6f3aa7b9c5f9effa39655fde07c5e297d73ca2c59d

    • SHA512

      96cb8b0f00ea053db58bfa9604d381e23b8c12848cddb93b18448204a1497df90a663991646dcfd27b026f5587ac874534ce2c087ceb8ae32da24ae6c8172814

    • SSDEEP

      49152:2nAQqMSPbcBVQej/OANR2Qo6SAARdhnv:yDqPoBhzOyR236SAEdhv

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3306) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks