General

  • Target

    2024-09-27_7d60e9fd1f214626dd9db11a338196de_wannacry

  • Size

    3.6MB

  • Sample

    240927-vth2rasekl

  • MD5

    7d60e9fd1f214626dd9db11a338196de

  • SHA1

    2c1d36c52026fabefd90bd4e52a4b9ba565071b0

  • SHA256

    a0f275fc3a37d8bfd81be3fe2411bba2bc8c61e156a8419c7e885193b5f24fb3

  • SHA512

    b1813c6468b455cc148c845f3c43de93409cfcdeb84997e08b9e44dd8bd8bb16b1c7603777457e35ad8cb2735a549695a24560d6bf449d45028648fbecc93765

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1NaEau3R8yAH1plAHI:yDqPoBhz1R3R8yAVp2HI

Malware Config

Targets

    • Target

      2024-09-27_7d60e9fd1f214626dd9db11a338196de_wannacry

    • Size

      3.6MB

    • MD5

      7d60e9fd1f214626dd9db11a338196de

    • SHA1

      2c1d36c52026fabefd90bd4e52a4b9ba565071b0

    • SHA256

      a0f275fc3a37d8bfd81be3fe2411bba2bc8c61e156a8419c7e885193b5f24fb3

    • SHA512

      b1813c6468b455cc148c845f3c43de93409cfcdeb84997e08b9e44dd8bd8bb16b1c7603777457e35ad8cb2735a549695a24560d6bf449d45028648fbecc93765

    • SSDEEP

      49152:2nAQqMSPbcBVQej/1NaEau3R8yAH1plAHI:yDqPoBhz1R3R8yAVp2HI

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3293) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks