General

  • Target

    2024-10-11_36bc79e694b0b73425ce807988680b54_wannacry

  • Size

    2.2MB

  • Sample

    241011-bgen1sxaqe

  • MD5

    36bc79e694b0b73425ce807988680b54

  • SHA1

    1b8ce45395057afdf576e0ed1230338bdc4b745d

  • SHA256

    68f22c3d9ccafa019399fc2d58afbd9904afdc52da6b8733fb6cce95b560b40f

  • SHA512

    de848fc38dbf785050cb2a55053c65d6ebcf682526bb55030a53b74f1d1e42c30e2e1591f03e8dc3b7ee600a88a73a24d0072cd3597e3702ec741d6d241306da

  • SSDEEP

    49152:QnFQqMSPbcBVCR+TSqTdX1HkQo6SAARdhnvn:QeqPoBacSUDk36SAEdhvn

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3132) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
