General

  • Target

    2024-10-12_170e376e4fc6a0062db6b686d387c76f_wannacry

  • Size

    3.6MB

  • Sample

    241012-dz5dha1aqe

  • MD5

    170e376e4fc6a0062db6b686d387c76f

  • SHA1

    194d3e6bee7dbcc8a35072308cacb85383aaea0b

  • SHA256

    2f4f80450a9ec1db1800bb7b04922dcbb443dc7a755b2a10c796b038933204be

  • SHA512

    bb10648678d7e390b916f6662de22041fad7fdbf424ad377b4614bceb4c7dca21d304bbc18e2968320b91ed56684ffd821360cde5b717ce464a0871c1ade61b5

  • SSDEEP

    98304:yD2PoBhz1aRxcSUDk36SAEdhvxWa9P53+GGI:yD2Pe1Cxcxk3ZAEUadxGI

Malware Config

Targets

    • Target

      2024-10-12_170e376e4fc6a0062db6b686d387c76f_wannacry

    • Size

      3.6MB

    • MD5

      170e376e4fc6a0062db6b686d387c76f

    • SHA1

      194d3e6bee7dbcc8a35072308cacb85383aaea0b

    • SHA256

      2f4f80450a9ec1db1800bb7b04922dcbb443dc7a755b2a10c796b038933204be

    • SHA512

      bb10648678d7e390b916f6662de22041fad7fdbf424ad377b4614bceb4c7dca21d304bbc18e2968320b91ed56684ffd821360cde5b717ce464a0871c1ade61b5

    • SSDEEP

      98304:yD2PoBhz1aRxcSUDk36SAEdhvxWa9P53+GGI:yD2Pe1Cxcxk3ZAEUadxGI

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3130) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks