General

  • Target

    2024-10-12_4c5c0b492e82a7ee9eaee32aec55cf58_wannacry

  • Size

    2.2MB

  • Sample

    241012-d96djs1fnb

  • MD5

    4c5c0b492e82a7ee9eaee32aec55cf58

  • SHA1

    2d4215144268d13fcc0531e26724c041fd4ac4f8

  • SHA256

    425e0ddf82a0a4755bb589dcc81e4fee8af7de07a42b992b65c899c78a4694c6

  • SHA512

    60bbbfcd961308b714d049b0c4b78581d9f3a1c5f81d25da4387020f4c5dd945b35b48f3e708bae234685d38194207993a058f3b8d9936676cff3fb6dfe6baa2

  • SSDEEP

    49152:QnsEMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhn1:QfPoBhz1aRxcSUDk36SAEdh1

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3222) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
