General

  • Target

    2024-09-25_f0aec91ca89f0c6edc4a5b09bda9123a_wannacry

  • Size

    5.0MB

  • Sample

    240925-l4jatsselh

  • MD5

    f0aec91ca89f0c6edc4a5b09bda9123a

  • SHA1

    3ed40ac152aa7a8caed87fa6d7ba00561e968db1

  • SHA256

    07939de7f432ed737b994bc9995b8587ca9230f12f1db5ad46def9a9daf8b6d4

  • SHA512

    25e2eca635e3fad4089b585e960a29d4e9e832ad2ca6327bb3800a807f98c5e919692aedb259d77b43db06e24ea18a16540fe3a627b79fcddf4b8ec28a488b30

  • SSDEEP

    12288:GwbLgPluxQhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+DHeQYSUjEXFy:VbLgdeQhfdmMSirYbcMNgef0QeQjGI

Targets

    • Target

      2024-09-25_f0aec91ca89f0c6edc4a5b09bda9123a_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3192) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
