General

  • Target

    2024-09-23_71e9ce6a95ec08d14514fbc91d20a198_wannacry

  • Size

    5.0MB

  • Sample

    240923-p7dfjazhkb

  • MD5

    71e9ce6a95ec08d14514fbc91d20a198

  • SHA1

    f070787e388af4df3dc4c67c3d2bbaba0d005938

  • SHA256

    edcbc89843e986bcd22d23623f889100525ac6758494b106d0c1edcacbb8d460

  • SHA512

    d1784cdfda7887309048d653eba6cb7356ba64b48f9d001c91f7071321e52c81c8af3cda36ca905f4e02f133b742a1f533c8dc9affa85d68d8a87011b57e408a

  • SSDEEP

    98304:yDqPoBhzTxcSUDk36SAvxWa9P593R8yAVp2H:yDqPeTxcxk3ZAYadzR8yc4H

Malware Config

Targets

    • Target

      2024-09-23_71e9ce6a95ec08d14514fbc91d20a198_wannacry

    • Size

      5.0MB

    • MD5

      71e9ce6a95ec08d14514fbc91d20a198

    • SHA1

      f070787e388af4df3dc4c67c3d2bbaba0d005938

    • SHA256

      edcbc89843e986bcd22d23623f889100525ac6758494b106d0c1edcacbb8d460

    • SHA512

      d1784cdfda7887309048d653eba6cb7356ba64b48f9d001c91f7071321e52c81c8af3cda36ca905f4e02f133b742a1f533c8dc9affa85d68d8a87011b57e408a

    • SSDEEP

      98304:yDqPoBhzTxcSUDk36SAvxWa9P593R8yAVp2H:yDqPeTxcxk3ZAYadzR8yc4H

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3274) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks