General

  • Target

    2024-09-22_38ea24dbf49506bdc052ead9cee9234e_wannacry

  • Size

    3.6MB

  • Sample

    240922-s5tlhsxbme

  • MD5

    38ea24dbf49506bdc052ead9cee9234e

  • SHA1

    7fbfea41f3ae296125e54938d25a6da60acd1d87

  • SHA256

    cdf6e2a4f4d7739247bcf7cb531c7a1e279e2df1611cf6cbd07fddc2b59cffb6

  • SHA512

    06a95c97ed0727854328cb4da49beb64d839a40d261422deb3ede6f9cbc3cc25dde0b8f4d2023080d8300fc705d8ebef78b256cc02eb3efc1b5689f7f86da976

  • SSDEEP

    98304:yDqPoBi1aRxcSUDk36SAEdhvxWa9P593R8yAVp2r:yDqPJ1Cxcxk3ZAEUadzR8yc4r

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3209) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
