General

  • Target

    2024-09-25_36fde7bbd39a62af176e704ce0eb9de4_wannacry

  • Size

    5.0MB

  • Sample

    240925-l2xensyhlq

  • MD5

    36fde7bbd39a62af176e704ce0eb9de4

  • SHA1

    17855d179637a3d585a4725808e731003eef6d11

  • SHA256

    088a06b60ce780aafdd351935c1dfb8f68fa783e61e53e1a8d0050045892cef8

  • SHA512

    11a0200f298c4566399e0deedfc072077f5dbe12392505b906bcdcc5ef07b049c696d318c43e3116317f4a57d60b603885baef0ed02a07b61cc58c3afbd7ada9

  • SSDEEP

    49152:VnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:Z8qPoBhz1aRxcSUDk36SA

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3340) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
