General

  • Target

    2024-10-12_4add0c33ad97fba562074edafe69c77a_wannacry

  • Size

    3.6MB

  • Sample

    241012-d8xd9a1erb

  • MD5

    4add0c33ad97fba562074edafe69c77a

  • SHA1

    b77403a1db59372eeb6ca386c8d735c8cb7b2ef2

  • SHA256

    2aa344bde06d1dafbff2915927b03c39502fcfd32d92f915d4f4917c98394191

  • SHA512

    5554d4495717ac82c41861a249cecebd04e128dbe2fab67eb7e539fe4a4b27086b0729415fcd069ce3474e9763aa9235110e78693c3d3c12d300f57a00348ba9

  • SSDEEP

    24576:XbLgdeQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626M+vbOSSqTPVXXJTs:XnjQqMSPbcBVQej/1INRx+TSqTdX5nI

Malware Config

Targets

    • Target

      2024-10-12_4add0c33ad97fba562074edafe69c77a_wannacry

    • WannaCry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large number (3148) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks