General

  • Target

    2024-09-22_f3d461244caa4fa99eddb1bcd8f8e5f6_wannacry

  • Size

    3.6MB

  • Sample

    240922-2vfrcayfqm

  • MD5

    f3d461244caa4fa99eddb1bcd8f8e5f6

  • SHA1

    a14aa0617df55e5ea36a377bfe1b1683f322b2ca

  • SHA256

    dadfa38538399402b9ad74be92ba2d63420a38ef565831e7828fc12ec5f13a8e

  • SHA512

    f2a632840c35e098cec82e61bbb79e07b9b278677b99c0a98cc1f32777948923475389b0bee4f1e5fb4c54f32f39f83b1e03ba7f8aa130b7d77612008bd8901b

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6S:yDqPoBhz1aRxcSUDk36S

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3294) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
