General

  • Target

    2024-10-12_4d06e21bf6112bfdca66ebb2339249f2_wannacry

  • Size

    2.2MB

  • Sample

    241012-d5s8es1dld

  • MD5

    4d06e21bf6112bfdca66ebb2339249f2

  • SHA1

    d5c44ce6f3b16af07ead66b263aea9007b86f9f0

  • SHA256

    34f2bde775793bb732950bcc51caa44e03cc4af8380650e0ec6e8ba7ec24a54c

  • SHA512

    0798876aed13b6d8e106846c7333cd59bfd9422c76575523ad9bf256318de802a435bf45534d652939c601e24f3307bbc3c7079b75688fa43a6bc7ffa94501e1

  • SSDEEP

    49152:QnsQqMSPbcBVQej/1INRx+TSqTdX1HkQK:Q/qPoBhz1aRxcSUDkp

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3190) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
