General

  • Target

    2024-10-10_d7b9742e088114c31906a97292fd5dc7_wannacry

  • Size

    3.6MB

  • Sample

    241011-aqm63svdre

  • MD5

    d7b9742e088114c31906a97292fd5dc7

  • SHA1

    ea6ec9781a0794221e9827eac6813efb7bb188b5

  • SHA256

    12950dbe5dd44cda67b588b15379ea883a9ff8e43ccc0950fb68c954177645ed

  • SHA512

    fbf3103ded789c2fe2b4318cc86626e42d79500c7137fbd953d171e858ffb07db3a70493530473873177d95ea8ff9e162ec17a8ba48d1c7e079095be4fa52b12

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HkQc:yDqPoBhz1aRxcSUDkV

Malware Config

Targets

    • Target

      2024-10-10_d7b9742e088114c31906a97292fd5dc7_wannacry

    • Size

      3.6MB

    • MD5

      d7b9742e088114c31906a97292fd5dc7

    • SHA1

      ea6ec9781a0794221e9827eac6813efb7bb188b5

    • SHA256

      12950dbe5dd44cda67b588b15379ea883a9ff8e43ccc0950fb68c954177645ed

    • SHA512

      fbf3103ded789c2fe2b4318cc86626e42d79500c7137fbd953d171e858ffb07db3a70493530473873177d95ea8ff9e162ec17a8ba48d1c7e079095be4fa52b12

    • SSDEEP

      49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HkQc:yDqPoBhz1aRxcSUDkV

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3072) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks