General

  • Target

    2024-10-12_43ab44d66d62a6062356f24cf873cfba_wannacry

  • Size

    3.6MB

  • Sample

    241012-d3y1ws1clf

  • MD5

    43ab44d66d62a6062356f24cf873cfba

  • SHA1

    7f3db8340c7f44cdf91b6acc3e1e39d569b45118

  • SHA256

    7f55e72e3dee26086e8ce591acbb336c1145f04733a1bd7992e25edc64153960

  • SHA512

    5b9cc174abf2bab917c76a2b0a1f6adeddc230c01a2d9a3e38905f79d0f7721c0dfbdea978f32a06b99c846061ebdc3c9d0965ea230a32c38c0e9c7f139ea6c0

  • SSDEEP

    24576:2bLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRNK74G6Zwlg:2nAQqMSPbcBVQej/1NKbxlg

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large number (3182) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
