General

  • Target

    2024-10-11_6b3cf1cf7edd3e1df67d739f6a0f5c1f_wannacry

  • Size

    3.8MB

  • Sample

    241011-qxhsyavdke

  • MD5

    6b3cf1cf7edd3e1df67d739f6a0f5c1f

  • SHA1

    4437078cc223b90f3ee8d0e46a66af89d2a47fe5

  • SHA256

    6077ff43c83a2f3d1a8a6d988749ac4c1b96a05f8f5065b963ea950d1bd43d67

  • SHA512

    677a34d6a285557f2144aff822a78afe7098490152dde865ad33ca4de71489fc73809b3475142aac1489f67c363fb14c14747ce5b900bb2215f0976f0240f626

  • SSDEEP

    49152:unsEKUacBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxiHgYk6:asyfBhz1aRxcSUDk36SAEdhvxiHgYk

Malware Config

Targets

    • Target

      2024-10-11_6b3cf1cf7edd3e1df67d739f6a0f5c1f_wannacry

    • Size

      3.8MB

    • MD5

      6b3cf1cf7edd3e1df67d739f6a0f5c1f

    • SHA1

      4437078cc223b90f3ee8d0e46a66af89d2a47fe5

    • SHA256

      6077ff43c83a2f3d1a8a6d988749ac4c1b96a05f8f5065b963ea950d1bd43d67

    • SHA512

      677a34d6a285557f2144aff822a78afe7098490152dde865ad33ca4de71489fc73809b3475142aac1489f67c363fb14c14747ce5b900bb2215f0976f0240f626

    • SSDEEP

      49152:unsEKUacBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxiHgYk6:asyfBhz1aRxcSUDk36SAEdhvxiHgYk

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (2448) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Drops file in Drivers directory

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks