General

  • Target

    2024-10-11_cf92c3265d264d78be1ab1fa1c97ca80_wannacry

  • Size

    2.2MB

  • Sample

    241011-bpcjmaxfkb

  • MD5

    cf92c3265d264d78be1ab1fa1c97ca80

  • SHA1

    fc6b358577b11f49c665f687fd4cfeec145f3499

  • SHA256

    91067815e77c12b85e8dec23fe60c6db9c57d993d5c99d5eb46d2ddd4addd348

  • SHA512

    a73424fd0d7537e4bcf26bfdebfff544195306b9bf27edb3f1838abdb794c35b72545840d7ef4c772ece2a06f21c2d196299075bb9e2aabc070ab0a60e9ea112

  • SSDEEP

    49152:QnGMSPbcBVlINRx+TSqTdX1HkQo6SAARdhnvn:QGPoBnaRxcSUDk36SAEdhvn

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3216) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
