General

  • Target

    2024-10-10_fe10e6c87e2fd295ca8e206b6d5e198a_wannacry

  • Size

    3.6MB

  • Sample

    241010-18dngazcja

  • MD5

    fe10e6c87e2fd295ca8e206b6d5e198a

  • SHA1

    51a37f61fb165b7f6784ffa56dfefd9ae04e3310

  • SHA256

    5b2fb50bb0002839aac6b0ba3782b091e96a122401d3732738de47c6d9f7eae5

  • SHA512

    8d4d5b03593106b4383133d83a00324ad5af476922790bc0ec2c804e6d00d6586923ec0a3ff5634f312ae4c87ca30f685c28f2d0b7fe6c868f654cf32d255c6f

  • SSDEEP

    49152:2nAQcMSPbcBVQej0NRx+TSqTdX1HkQo6SA5caEa:yDcPoBhCRxcSUDk36SA

Malware Config

Targets

    • Target

      2024-10-10_fe10e6c87e2fd295ca8e206b6d5e198a_wannacry

    • Size

      3.6MB

    • MD5

      fe10e6c87e2fd295ca8e206b6d5e198a

    • SHA1

      51a37f61fb165b7f6784ffa56dfefd9ae04e3310

    • SHA256

      5b2fb50bb0002839aac6b0ba3782b091e96a122401d3732738de47c6d9f7eae5

    • SHA512

      8d4d5b03593106b4383133d83a00324ad5af476922790bc0ec2c804e6d00d6586923ec0a3ff5634f312ae4c87ca30f685c28f2d0b7fe6c868f654cf32d255c6f

    • SSDEEP

      49152:2nAQcMSPbcBVQej0NRx+TSqTdX1HkQo6SA5caEa:yDcPoBhCRxcSUDk36SA

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3214) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks