General

  • Target

    20240926ef535af4c1addc6ad4ed95ea59cb386fwannacry

  • Size

    3.6MB

  • Sample

    240926-t6pvdszgrf

  • MD5

    ef535af4c1addc6ad4ed95ea59cb386f

  • SHA1

    9d92ce0db22a8ee95c35edb01a67da916fe15bcf

  • SHA256

    36a8616058e9cf6eb69e928bc3758f9ad335cb90df7a60acac7933f636632973

  • SHA512

    d7d671f0937c5c67df603702522c03a8f07bc73a1de5f7499d2126f576f2cfe89546ab7fd8454fdff92b44b30ab929ddf5b68a37692aad23ae8ffed7132a25a4

  • SSDEEP

    49152:XnAQqMSPbcBVQej/1INRx+TSqTdX1HeAMEc:XDqPoBhz1aRxcSUDe5

Targets

    • Target

      20240926ef535af4c1addc6ad4ed95ea59cb386fwannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3103) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
