General

  • Target

    2024-10-10_4d85f13ff14542b7f041e02af35a05d9_wannacry

  • Size

    3.6MB

  • Sample

    241010-3y8f7stdqd

  • MD5

    4d85f13ff14542b7f041e02af35a05d9

  • SHA1

    93988c5a2345029acb47e72151184a9499bdb06e

  • SHA256

    0752c147b93fb4c1bfb8fcbb2fa10d51d6d39e2dda08d0b531f20ec875854a92

  • SHA512

    8eddf1e6a1f5e537c2f15b20feb6c5dc8819d93b77f02a6ee82e2e409fc3111f27dfd5deba58787f265704136734db1ca82e6f4252b0afd1324ad7bc593b4184

  • SSDEEP

    98304:ZDqPoBhz1aRxcSUDkA6SAEdhvxWa9C93R8yAVp2HI:ZDqPe1CxcxkAZAEUamR8yc4HI

Malware Config

Targets

    • Target

      2024-10-10_4d85f13ff14542b7f041e02af35a05d9_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large number (3169) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks