General

  • Target

    2024-10-11_48acdd6de5b8c80ccecd6c68c6c99915_wannacry

  • Size

    2.2MB

  • Sample

    241011-a7538a1fjq

  • MD5

    48acdd6de5b8c80ccecd6c68c6c99915

  • SHA1

    0b18de41eb830bd7e8a2b1cd908b36e8b33cc375

  • SHA256

    182d67fd7b879dabc4996c70021f7335c4a2ee1f2135b3ca681185085a22528d

  • SHA512

    a2ed1b48dce6cb37c353fa82b5d9f5d3c6731c05da7ba6fd4f939debe31df4e21ab1e0c7dc624f89d8540207eefb07015b53a9f22135e78a63776863cf2d4033

  • SSDEEP

    49152:QnxQ2MSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvn:Q62PoBhz1aRxcSUDk36SAEdhvn

Malware Config

Targets

    • Target

      2024-10-11_48acdd6de5b8c80ccecd6c68c6c99915_wannacry

    • Size

      2.2MB

    • MD5

      48acdd6de5b8c80ccecd6c68c6c99915

    • SHA1

      0b18de41eb830bd7e8a2b1cd908b36e8b33cc375

    • SHA256

      182d67fd7b879dabc4996c70021f7335c4a2ee1f2135b3ca681185085a22528d

    • SHA512

      a2ed1b48dce6cb37c353fa82b5d9f5d3c6731c05da7ba6fd4f939debe31df4e21ab1e0c7dc624f89d8540207eefb07015b53a9f22135e78a63776863cf2d4033

    • SSDEEP

      49152:QnxQ2MSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvn:Q62PoBhz1aRxcSUDk36SAEdhvn

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3136) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks