General

  • Target

    2024-10-03_13a8a7956e41ee12b6da0ba29281169e_wannacry

  • Size

    5.0MB

  • Sample

    241003-ltevnawfnp

  • MD5

    13a8a7956e41ee12b6da0ba29281169e

  • SHA1

    becf1d3fc9b6a4e2828cb256337f514de3850ee1

  • SHA256

    8dedc07b2cdef71345a441aed0c96fc98ada32557e97fe1d74e43c73bc65d25e

  • SHA512

    cf4e468b1d80a4a75e2b4c2e40682ffb96fca08097bab300f4548690b843d11b63a857c953cc13f03ac87a21f3399395eaa639ac483ecf132c785199c1bddc1e

  • SSDEEP

    24576:VbLguVQhfdmMSirYbcMNgef0QeQjGotNr:VnFQqMSPbcBVQejotN

Malware Config

Targets

    • Target

      2024-10-03_13a8a7956e41ee12b6da0ba29281169e_wannacry

    • Size

      5.0MB

    • MD5

      13a8a7956e41ee12b6da0ba29281169e

    • SHA1

      becf1d3fc9b6a4e2828cb256337f514de3850ee1

    • SHA256

      8dedc07b2cdef71345a441aed0c96fc98ada32557e97fe1d74e43c73bc65d25e

    • SHA512

      cf4e468b1d80a4a75e2b4c2e40682ffb96fca08097bab300f4548690b843d11b63a857c953cc13f03ac87a21f3399395eaa639ac483ecf132c785199c1bddc1e

    • SSDEEP

      24576:VbLguVQhfdmMSirYbcMNgef0QeQjGotNr:VnFQqMSPbcBVQejotN

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3131) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks