General

  • Target

    2024-09-27_782d9f15fc707dc0b15de3a9857dbda0_wannacry

  • Size

    3.6MB

  • Sample

    240927-rw77waxapn

  • MD5

    782d9f15fc707dc0b15de3a9857dbda0

  • SHA1

    bdcdb8b66f769abb78ca323a9b14a71a7cc6d583

  • SHA256

    012b4742fe2f04d4fc828a3ed307e03d512f743063ca5dd0ab2aec93beed93e4

  • SHA512

    042dffd982dd3d1d69f10c44881c658d5e3c2486b69e39d4845b6d84b0760eb11f674295233a0e224bb4fdab2f73afcbe85a1eeedeec42f40424b550774949f5

  • SSDEEP

    49152:VnjrE/bcBVQej/1INRx+TSqTdX1HkQo6SAARdhnv:Z34oBhz1aRxcSUDk36SAEdhv

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large number (3231) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
