General

  • Target

    2024-09-25_2e7484614664498519c4c75c82342328_wannacry

  • Size

    5.0MB

  • Sample

    240925-ldk2qsxemp

  • MD5

    2e7484614664498519c4c75c82342328

  • SHA1

    610416078590519a16d44683c595fdbf173dc27e

  • SHA256

    9e423dffb3f5b86c3d280f42ed34e18597fbb723416001eb8d00da8bb1eb9023

  • SHA512

    27a0ce7a4a9747f6cda08aa1cce04db56a259b9be58413df4bd6d8c5da530f2a859ce63ea06663d129a4cf8687f673e20088e99d816b827dd1c4748fb9a26ab1

  • SSDEEP

    49152:XnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAR0H:XDqPoBhz1aRxcSUDk36SAEa

Targets

    • Target

      2024-09-25_2e7484614664498519c4c75c82342328_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3229) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
