General

  • Target

    2024-10-12_6d41c2a064c9260faece6fd6224f8c0c_wannacry

  • Size

    2.2MB

  • Sample

    241012-d8mj2s1eqa

  • MD5

    6d41c2a064c9260faece6fd6224f8c0c

  • SHA1

    90938f30cc8d51810132e5f919072a847df4ee97

  • SHA256

    33d328cc404111e451de4ca11d9da14bec6ce786993059f9dee8f24c34300122

  • SHA512

    66c07d1352d0c3ebeda133185c58f4622465ac27b46713d28c2c07e3627779880e99b68b337f9580fff1026be01c5659cc69863641245419f933fd87fb665833

  • SSDEEP

    24576:QbLguriIfEcQdIVUacMNgef0QeQjG/B8k:QnpEKUacBVQej/

Malware Config

Targets

    • Target

      2024-10-12_6d41c2a064c9260faece6fd6224f8c0c_wannacry

    • Size

      2.2MB

    • MD5

      6d41c2a064c9260faece6fd6224f8c0c

    • SHA1

      90938f30cc8d51810132e5f919072a847df4ee97

    • SHA256

      33d328cc404111e451de4ca11d9da14bec6ce786993059f9dee8f24c34300122

    • SHA512

      66c07d1352d0c3ebeda133185c58f4622465ac27b46713d28c2c07e3627779880e99b68b337f9580fff1026be01c5659cc69863641245419f933fd87fb665833

    • SSDEEP

      24576:QbLguriIfEcQdIVUacMNgef0QeQjG/B8k:QnpEKUacBVQej/

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3235) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks