General

  • Target

    2024-10-10_0c8da92739a2583c90e3f4e7b1b5f5be_wannacry

  • Size

    3.6MB

  • Sample

    241011-ae4dxsyhqr

  • MD5

    0c8da92739a2583c90e3f4e7b1b5f5be

  • SHA1

    f7b822618d29a88bf4efd4ef7c1c89ff104fdb0f

  • SHA256

    d22e884853bbc7ca9b2e405b0423dd88bcdf7b349b456a51e06d64c39afe1a4d

  • SHA512

    2bddb704163d0e3158335146dea0168dbdb6754fd25f814b8e23ad90b62f79fd733978ed3c56e00d9741f4a5f52587b4f74257a9d350ee8940994c8a9895b4ab

  • SSDEEP

    24576:VbLgd1iBJMSirYbcMNgef0QEjTjirQ39OFCjLxglFDxaYaKQDlR:Vn1MSPbcBVQEerAjL6lFxazKQDlR

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3277) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
