General

  • Target

    2024-10-11_b7ab3e754ed6af3917628847902c825f_wannacry

  • Size

    3.6MB

  • Sample

    241011-bqc7jsxfpg

  • MD5

    b7ab3e754ed6af3917628847902c825f

  • SHA1

    cbd908a84e9c1cf1bb5b96d6e6e4d72ba11b7599

  • SHA256

    4dbce54cfaf9c385aee5e8d55bcc0d7001e2c3ed84602f930b1ed7135db22b07

  • SHA512

    2613df484de9ee4d3cc88b57529fa84b1e9044e09b9f30a9d31d934bbd2686cb986089e60fadf1330f2a2e9256c3f24f343cd3ad954de7ce896453854088402f

  • SSDEEP

    24576:VbLgdeQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKVEG:VnjQqMSPbcBVQej/1INlG

Malware Config

Targets

    • Target

      2024-10-11_b7ab3e754ed6af3917628847902c825f_wannacry

    • Size

      3.6MB

    • MD5

      b7ab3e754ed6af3917628847902c825f

    • SHA1

      cbd908a84e9c1cf1bb5b96d6e6e4d72ba11b7599

    • SHA256

      4dbce54cfaf9c385aee5e8d55bcc0d7001e2c3ed84602f930b1ed7135db22b07

    • SHA512

      2613df484de9ee4d3cc88b57529fa84b1e9044e09b9f30a9d31d934bbd2686cb986089e60fadf1330f2a2e9256c3f24f343cd3ad954de7ce896453854088402f

    • SSDEEP

      24576:VbLgdeQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKVEG:VnjQqMSPbcBVQej/1INlG

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3325) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks