General

  • Target

    2024-10-12_1e64a00e68e01864d3f7d310be8ef85f_wannacry

  • Size

    3.6MB

  • Sample

    241012-dlssjszbnc

  • MD5

    1e64a00e68e01864d3f7d310be8ef85f

  • SHA1

    c58f0ed7e8f980d53fa6cf5908593489713c3b24

  • SHA256

    5fe63fa6fde5aca73716ef3a171a47130559e38ad16a17335158da11b30da01f

  • SHA512

    7bffad5ef9bdca923cbe624be171947f6cf2192aee7c37c136239073e9931a6b6c3cabc11e3985c5fa97a88682526ef88d98267d663a1ca590dea9390d40a247

  • SSDEEP

    49152:2nAQqMSPbcBVQej/1INRx+TSqTdX1HHEau3R8yAH1plAHI:yDqPoBhz1aRxcSUDu3R8yAVp2HI

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3116) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

Tasks