General

  • Target

    202409242f91a861102729d143efdf329a0810e2wannacry

  • Size

    5.0MB

  • Sample

    240924-vs87jsvdqn

  • MD5

    2f91a861102729d143efdf329a0810e2

  • SHA1

    90e591f0c9277ee15df4dac093eb1228f2278e74

  • SHA256

    7604ba0030ba7e8a38548bc08c0fe4ced9d5356763e7b67663ea76081546a229

  • SHA512

    21102ba2fe50eaf6e95b15abc022599090ffc9482113d97e838e4a3588e154c003082cd86a4b190d7ac4f8da41f6c17370925c814a380a544ae8d8d50f629be8

  • SSDEEP

    98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2:yDqPe1Cxcxk3ZAEUadzR8yc4

Malware Config

Targets

    • Target

      202409242f91a861102729d143efdf329a0810e2wannacry

    • Size

      5.0MB

    • MD5

      2f91a861102729d143efdf329a0810e2

    • SHA1

      90e591f0c9277ee15df4dac093eb1228f2278e74

    • SHA256

      7604ba0030ba7e8a38548bc08c0fe4ced9d5356763e7b67663ea76081546a229

    • SHA512

      21102ba2fe50eaf6e95b15abc022599090ffc9482113d97e838e4a3588e154c003082cd86a4b190d7ac4f8da41f6c17370925c814a380a544ae8d8d50f629be8

    • SSDEEP

      98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2:yDqPe1Cxcxk3ZAEUadzR8yc4

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3249) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks