General

  • Target

    2024-10-11_52b0fce2bec60f5877a079f29b3e9bca_wannacry

  • Size

    3.6MB

  • Sample

    241011-a8l2qswekg

  • MD5

    52b0fce2bec60f5877a079f29b3e9bca

  • SHA1

    f44bb0f47af4968200a8f75d8f7ed164874c5d0e

  • SHA256

    4e09a49729bab4b3dbb77a59cadd2b3e46cf1db7f3275fa7402a8cc6c10bfd6d

  • SHA512

    60921df99fc0a4014bcd3c4e7454ee61f28bd41e25b52110206a519bf932b658ff5a7486413ec7f85aa38e8e559502495a1f4ec98fa0f99e80f6896e3358e693

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HkQe+LZL:yDqPoBhz1aRxcSUDkFYZL

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3314) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
