General

  • Target

    2024-10-12_4a0282c787e834797637faa0ead6594a_wannacry

  • Size

    2.2MB

  • Sample

    241012-d8ngca1eqc

  • MD5

    4a0282c787e834797637faa0ead6594a

  • SHA1

    24819c00021a2186419ec29bce834fc35a1ecc46

  • SHA256

    fe9714ae9d6622ae802ccee03f8f420a7639bc2944b4a5e41bd4d322ea229861

  • SHA512

    33ab13570df074b089544413e00ca231195668cca89e5938ac0c1b414517d3c0eaf961604200c637d28f280c248c5923515b9ca796bec9fef454cae906e7e790

  • SSDEEP

    24576:QbLguriIfEcQdIVUv5PwxhrWYK+ef0QeQjG/S:QnpEKUv9wC7+VQej/S

Malware Config

Targets

    • Target

      2024-10-12_4a0282c787e834797637faa0ead6594a_wannacry

    • Size

      2.2MB

    • MD5

      4a0282c787e834797637faa0ead6594a

    • SHA1

      24819c00021a2186419ec29bce834fc35a1ecc46

    • SHA256

      fe9714ae9d6622ae802ccee03f8f420a7639bc2944b4a5e41bd4d322ea229861

    • SHA512

      33ab13570df074b089544413e00ca231195668cca89e5938ac0c1b414517d3c0eaf961604200c637d28f280c248c5923515b9ca796bec9fef454cae906e7e790

    • SSDEEP

      24576:QbLguriIfEcQdIVUv5PwxhrWYK+ef0QeQjG/S:QnpEKUv9wC7+VQej/S

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3168) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks