General

  • Target

    2024-10-12_27f2b73d94700642a41036bcafe343f0_wannacry

  • Size

    3.6MB

  • Sample

    241012-dssfcszfme

  • MD5

    27f2b73d94700642a41036bcafe343f0

  • SHA1

    cb3607cc591221c8c1c0cc25582f2534eae7b407

  • SHA256

    28d671170d03be4a1a2089d94934ccb5e5294930feb9f41f15b39f4b1df7e091

  • SHA512

    069e04325835157af63e2f1e513553e14baf8f968bab3cccf462356b1b9df8e1a52ab88f336a5752d89f5821d553ca6bda190c0dd9cc46a5335fb6980c16af57

  • SSDEEP

    98304:XDqPoBtaRxcSUDk36SAEdhvxWa9P593R8yAVp2HI:XDqPICxcxk3ZAEUadzR8yc4HI

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3238) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
