General

  • Target

    2024-10-12_44997cba95dc1f01c9fc58319ce693b8_wannacry

  • Size

    3.6MB

  • Sample

    241012-d6snaa1dqb

  • MD5

    44997cba95dc1f01c9fc58319ce693b8

  • SHA1

    58f253041c2f86249625023626050c00f5abccfa

  • SHA256

    45c169c28b66a62f66b15163a0a2e8094664416012e903666198ac269e41b8c6

  • SHA512

    2206c06cc1c9a21a4f2a7350f20341357763060f04f54e008e06ad114e1406971d055eac658fc78127c62f5c9227d4ef65fa863293e9bb21f28bc40e4f90e55a

  • SSDEEP

    98304:yDqPoBhz1aRxcSUDk36SAEdhvxWqP593R8yAVp2Y:yDqPe1Cxcxk3ZAEUUzR8yc4Y

Targets

    • Target

      2024-10-12_44997cba95dc1f01c9fc58319ce693b8_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3233) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
