General

  • Target

    2024-09-24_0e915dd8dcf9b5cc4ea8048dc549f21c_wannacry

  • Size

    5.0MB

  • Sample

    240924-lc998ssepf

  • MD5

    0e915dd8dcf9b5cc4ea8048dc549f21c

  • SHA1

    c6d25e417bce832513f4ea196d773421db2e1534

  • SHA256

    2a31d9bf3ac6f5793211109a07bf8e2472b81631846f2140a48fd593f4687682

  • SHA512

    d67d047937651b7622c294b0fa235ea0186f8efb686f37cea03793f44f3e39d80b272d4f3ba37bc25c5d3dd0c58fab12af20ad192b0734bad2e8342a3985c6a8

  • SSDEEP

    24576:QbLguriIfEcQdIVUacMNgef0QeQjG/B8k:QnpEKUacBVQej/

Malware Config

Targets

    • Target

      2024-09-24_0e915dd8dcf9b5cc4ea8048dc549f21c_wannacry

    • Size

      5.0MB

    • MD5

      0e915dd8dcf9b5cc4ea8048dc549f21c

    • SHA1

      c6d25e417bce832513f4ea196d773421db2e1534

    • SHA256

      2a31d9bf3ac6f5793211109a07bf8e2472b81631846f2140a48fd593f4687682

    • SHA512

      d67d047937651b7622c294b0fa235ea0186f8efb686f37cea03793f44f3e39d80b272d4f3ba37bc25c5d3dd0c58fab12af20ad192b0734bad2e8342a3985c6a8

    • SSDEEP

      24576:QbLguriIfEcQdIVUacMNgef0QeQjG/B8k:QnpEKUacBVQej/

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3138) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks