General

  • Target

    2024-10-10_7e6c59c732ee47052ddf19cbb487ffe8_wannacry

  • Size

    3.6MB

  • Sample

    241010-1zc1ksyfnc

  • MD5

    7e6c59c732ee47052ddf19cbb487ffe8

  • SHA1

    5207a302364c3c505376f87e2f39a433c0b19f95

  • SHA256

    57d55ccf3a33c78e4219006823190762695ba268aaab65b58146921f7e6a95c9

  • SHA512

    38a605b8077292a6af1b5dc9a28664b641820c8da35fa5f5cbd06df65414cb8c79f929cfc265f37e57067b96de3a51c0390c8ec7efcdf2be70f2127a4ffb9e58

  • SSDEEP

    6144:GE9l9yUqIYVTH5DgSg8ajldktM0XXrP2QhMV9qbBLIwYev:GvbLgPlu+QhMbaIav

Targets

    • Target

      2024-10-10_7e6c59c732ee47052ddf19cbb487ffe8_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3285) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
