General

  • Target

    2024-10-11_854df00ba4d7ea09b5d77660dc805d14_wannacry

  • Size

    3.6MB

  • Sample

    241011-a7ydda1ern

  • MD5

    854df00ba4d7ea09b5d77660dc805d14

  • SHA1

    ffe063d2a525e40a5cb55a684e62c67900644eee

  • SHA256

    103b77c99246d14e4e1b79440ff392acf4413a4f7712a7a3cf199fe72719b4b6

  • SHA512

    2a14bd6c6ce43cc06ca76c7f2d1179e3fe6cd75488a539957e83ad30f8ab6f8b2e46a0da2c99cc157b1b0c7ad917817e26282fef4fac461e3228a1e6745f3825

  • SSDEEP

    49152:VnjQqMSPbcBVv/1INRx+TSqTdX1HkQo6SAARdhnv:Z8qPoBl1aRxcSUDk36SAEdhv

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3261) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
