General

  • Target

    2024-10-11_cc8585f79612fb22844c7a51c1114cf1_wannacry

  • Size

    3.6MB

  • Sample

    241011-bnx4yasgjq

  • MD5

    cc8585f79612fb22844c7a51c1114cf1

  • SHA1

    e08744950c782b19f464a5c97c5080c44d454fab

  • SHA256

    710f1426e6c6b241a839f0786d9c1d9dfdab26d2ae2c9cb66deffecc86be18f8

  • SHA512

    042ec2728a13d4b865d508f1361f7c12b7299a8bc34da11854428a61dfe5d7735e9d7af2a4cc3dc0974f5d22fa97f05e12fa6c37a27c76e35b9e7026c227d0cb

  • SSDEEP

    49152:VnjQqMSPbcBVQej/1IudhnvXAMEcPA5HI:Z8qPoBhz1ldhvX5kHI

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3178) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
