General

  • Target

    2024-10-11_65b8c922497a18c482828c51e95b9f06_wannacry

  • Size

    3.6MB

  • Sample

    241011-a3rd9s1cqk

  • MD5

    65b8c922497a18c482828c51e95b9f06

  • SHA1

    854147edb06d7c71bb252297f17018f6491d8a51

  • SHA256

    92da701e9671fe6423bc7767944fcaeb721f5c3087cabad1867bc9db06343b77

  • SHA512

    f55ccd5a755622a2989862be0ec684de1abfdf71e5aabc76f3d619ed73f37c411fe8619158580ca3d2a00baa14ecc1221715ea95b12ab6545243bc88ce42fe3b

  • SSDEEP

    98304:XDqPoBhz1aRASUDk36SAEdhvxWa9P593R8yAVp2HI:XDqPe1CAxk3ZAEUadzR8yc4HI

Malware Config

Targets

    • Target

      2024-10-11_65b8c922497a18c482828c51e95b9f06_wannacry

    • Size

      3.6MB

    • MD5

      65b8c922497a18c482828c51e95b9f06

    • SHA1

      854147edb06d7c71bb252297f17018f6491d8a51

    • SHA256

      92da701e9671fe6423bc7767944fcaeb721f5c3087cabad1867bc9db06343b77

    • SHA512

      f55ccd5a755622a2989862be0ec684de1abfdf71e5aabc76f3d619ed73f37c411fe8619158580ca3d2a00baa14ecc1221715ea95b12ab6545243bc88ce42fe3b

    • SSDEEP

      98304:XDqPoBhz1aRASUDk36SAEdhvxWa9P593R8yAVp2HI:XDqPe1CAxk3ZAEUadzR8yc4HI

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3165) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks