General

  • Target

    2024-09-26_5b316bd42778fe9613a312f0b71172a1_wannacry

  • Size

    3.6MB

  • Sample

    240926-zvv5xs1aka

  • MD5

    5b316bd42778fe9613a312f0b71172a1

  • SHA1

    8256cb0775972149adb46ccdfca83f63fda0a129

  • SHA256

    2038bee1863127ccc30985f470d92bf58a768b899b9ebf0de52591cc08216cb7

  • SHA512

    5e50f8a9794845fc04a2ccee1716b058e1e2a0e5e07cf50d560180511fc2cec9ca73ae3a6e7ad7e1b46117c5af3b9e8f2117ab15153bd88d66c7add250c094de

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1INRx+TSqTdOxJM0H9PAMEcaEau3R+i:yDqPoBhz1aRxcSUwxWa9P593R+

Targets

    • Target

      2024-09-26_5b316bd42778fe9613a312f0b71172a1_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3340) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
