General

  • Target

    2024-10-11_bc307c99c999ed1f0cc3786694419893_wannacry

  • Size

    2.2MB

  • Sample

    241011-bgswmsxbkb

  • MD5

    bc307c99c999ed1f0cc3786694419893

  • SHA1

    c5da9c9e07ec7b205c0de7c5bff808ffcaf7a7bd

  • SHA256

    4ba731267e10fd418e135d69ee20d44b3e5af9b69f2fd8c565136f23c470d598

  • SHA512

    453e827492208213a9ce8ba9d0936df582ce587d7b6411976ab79c2d6dca34c240536e904d02d5de328fea72222139912dd256c127787e53f230cb8bec4eddb5

  • SSDEEP

    24576:QbLgurgQhfdmMSirYbcMNgef0QeQjG0XmiHqX6SASk+RdP:QnsQqMSPbcBVQej0X1HG6SAARdP

Malware Config

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3155) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks