General

  • Target

    2024-09-26_639c25eed03a1311f732f0138dc6c757_wannacry

  • Size

    3.6MB

  • Sample

    240926-zzkjzsxgkq

  • MD5

    639c25eed03a1311f732f0138dc6c757

  • SHA1

    8aa6c610b56c1aaaa169eae4a8c737228d9ee464

  • SHA256

    2a3e56e54485fd90e8e27cfa83953c78d3aa6afd2426e11aa8c46b07877ab416

  • SHA512

    939cb13a2b5f5b19b5aee958096c3d412fb3f49d7646ba1340b54542b354aa6a633c492101b21145310dd47d0dc45169e65f463e614ae373929fe02e13460bc5

  • SSDEEP

    49152:2nAQq3+D7VQej0W8Rx+TSqTdX1Hpe7PGvxJM0H9FPG/iEau3R8yAH1Furi:yDqO7hJ8RxcSUDppxWa9U3R8yAVEi

Malware Config

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3255) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks