Resubmissions

10-10-2024 22:54

241010-2vqasa1cqh 10

10-10-2024 22:13

241010-15kmlsvcqr 10

General

  • Target

    2024-10-10_b92310463713e2a2ac8fa41f2ba0619b_wannacry

  • Size

    3.6MB

  • Sample

    241010-2vqasa1cqh

  • MD5

    b92310463713e2a2ac8fa41f2ba0619b

  • SHA1

    7faa9d19f6398d11783f0f6ca508c9df96887533

  • SHA256

    5e0c74fc250d0a22a9dac68f29f3d9dcda2988687d88324bd9227d9d7c9dc8e2

  • SHA512

    a0d9abe20f6f26a59c60b01a0b76dd1995997e625474418ce8d88ff1a9c74e71b5e57825def9829a92f2e49e9bda03e931f815616d6e37649fcdd74fab7e3459

  • SSDEEP

    12288:BlbLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+DCw/N:DbLgddQhfdmMSirYbcMNgef0Xw

Targets

    • Modifies firewall policy service

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (1265) amount of remote hosts

      This may indicate a network scan to discover remotely running services.
