General

  • Target

    2024-10-10_6c9574e40dcd7e6d5756b680ad03481f_wannacry

  • Size

    3.6MB

  • Sample

    241010-3vq3rayclq

  • MD5

    6c9574e40dcd7e6d5756b680ad03481f

  • SHA1

    f8a3ac3529e69d298338e58fae74bbe7d3e0a12c

  • SHA256

    c73637208230cbba3540609cc77d43a19f345ee314d999e79abfc05e5a7bbd59

  • SHA512

    68699a242e7039fc71b0ff29a270378ed87b5b99441d496f449974fca70ce5d9cd2f3a14df1053a184b99bcd48293986004380f4990666aa48d47a1290623d24

  • SSDEEP

    98304:Z8qPoBhz1aRpAEdhvxWa9P593R8yAVp2HI:Z8qPe1CpAEUadzR8yc4HI

Malware Config

Targets

    • Target

      2024-10-10_6c9574e40dcd7e6d5756b680ad03481f_wannacry

    • Size

      3.6MB

    • MD5

      6c9574e40dcd7e6d5756b680ad03481f

    • SHA1

      f8a3ac3529e69d298338e58fae74bbe7d3e0a12c

    • SHA256

      c73637208230cbba3540609cc77d43a19f345ee314d999e79abfc05e5a7bbd59

    • SHA512

      68699a242e7039fc71b0ff29a270378ed87b5b99441d496f449974fca70ce5d9cd2f3a14df1053a184b99bcd48293986004380f4990666aa48d47a1290623d24

    • SSDEEP

      98304:Z8qPoBhz1aRpAEdhvxWa9P593R8yAVp2HI:Z8qPe1CpAEUadzR8yc4HI

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3293) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks