General

  • Target

    2024-10-12_2d081f8211ff3d34ac7e779684db99a8_wannacry

  • Size

    3.6MB

  • Sample

    241012-drx98avbkm

  • MD5

    2d081f8211ff3d34ac7e779684db99a8

  • SHA1

    7645e5016068ac7f8ec182af8780ddce11118c7b

  • SHA256

    39ff5575e216f1cbeab6fec8d2e8176ea08cf578a6b12b0a1ccc65f621e7f85d

  • SHA512

    6e94b95c50c087ac1757a4d28ef699637a9aff68180189401dcc07e298b61de5336c827322c004d4e072f008d918dab65bd92ad92c1477fe778b5af15ea05291

  • SSDEEP

    49152:XnAQqMSPbcBVQej/1INRx+TSqTdX1HkQeI:XDqPoBhz1aRxcSUDkXI

Malware Config

Targets

    • Target

      2024-10-12_2d081f8211ff3d34ac7e779684db99a8_wannacry

    • Size

      3.6MB

    • MD5

      2d081f8211ff3d34ac7e779684db99a8

    • SHA1

      7645e5016068ac7f8ec182af8780ddce11118c7b

    • SHA256

      39ff5575e216f1cbeab6fec8d2e8176ea08cf578a6b12b0a1ccc65f621e7f85d

    • SHA512

      6e94b95c50c087ac1757a4d28ef699637a9aff68180189401dcc07e298b61de5336c827322c004d4e072f008d918dab65bd92ad92c1477fe778b5af15ea05291

    • SSDEEP

      49152:XnAQqMSPbcBVQej/1INRx+TSqTdX1HkQeI:XDqPoBhz1aRxcSUDkXI

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3193) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks