General

  • Target

    2024-10-12_336957e672f16525f9dc2accd1e53711_wannacry

  • Size

    2.2MB

  • Sample

    241012-dxttzszhmf

  • MD5

    336957e672f16525f9dc2accd1e53711

  • SHA1

    37ebf1ddf6184de4823f2c287e64a2efe7affc48

  • SHA256

    6555ec9bca6130551be4a5123e714e1705d288dc05aae7a8cf7f8fd4a85335d1

  • SHA512

    e1832677a96fa16d8f88be2e9332de2d047ef647519f4779f73b4d66b01cd017697fb0c0d1f0c95daee90ad2455ce43ba38b28bb7f0402ebf217f4c8f4517749

  • SSDEEP

    49152:QnxQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:Q6qPoBhz1aRxcSUDk36SA

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3131) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
