General

  • Target

    2024-09-28_9bb0d8603b7619a21b9b17963d855fe8_wannacry

  • Size

    5.0MB

  • Sample

    240928-l3v81ascna

  • MD5

    9bb0d8603b7619a21b9b17963d855fe8

  • SHA1

    adf9d2208abee46eb39258472e8e29183b75feb8

  • SHA256

    48e95b1ed1e17c83a3928a12802b40cb688db12adc4a374b1b8e711beaf4ae84

  • SHA512

    4448b3f99cf25542f2ac1834b2c4e13777561f1ced867c559a0552a0c91c84cb7a1ec6c3be330de11f69707dac1f5f1f2d58ad838c9c303d647b540678e8517b

  • SSDEEP

    24576:tbLgurgDdmMSirYbcMNgef0QeQjG/D8kIqJASk+RdhAdmvctA0p99XEk:tnsEMSPbcBVQej/NAARdhnvoAM

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3171) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
