General

  • Target

    2024-10-10_a7967480ad11f9ba6f014451aad8eabe_wannacry

  • Size

    3.6MB

  • Sample

    241011-a5fqjswcnh

  • MD5

    a7967480ad11f9ba6f014451aad8eabe

  • SHA1

    74dced5e0fabccfc238add0e34288825501457fd

  • SHA256

    1abbe8777a603883e20ead55732ff624374ed089248a6264a3f7c14d59cbf82c

  • SHA512

    e30d0982d18e46f0fa6d8263b74ce63a97db51a7555afb17f0aeb603ba32a385021e52a48435c9646f68106e119bee8c0a54b9248861f06294f7eda692b4b50f

  • SSDEEP

    49152:XnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:XDqPoBhz1aRxcSUDk36SAEdhvxWa9

Malware Config

Targets

    • Target

      2024-10-10_a7967480ad11f9ba6f014451aad8eabe_wannacry

    • WannaCry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large number (3241) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
