General

  • Target

    2024-10-12_7bf9a0354b6332451f592281fc6aff3c_wannacry

  • Size

    2.2MB

  • Sample

    241012-eahnwawbrm

  • MD5

    7bf9a0354b6332451f592281fc6aff3c

  • SHA1

    2cd2103b573ca57bfc362d88b3b84f5da62f089b

  • SHA256

    84d63d7681779ea034885d0732595fa0efab9abbd1eac0dccf30bfd318faef31

  • SHA512

    398f4311f6d64b8ae562792b6954d481690796102f0f6155d5100ac58ca6f34d6e6f62a6277a809c11946a33eeb16d1e4f22f582abcfcb4797af68249e3f0a57

  • SSDEEP

    49152:QnpEjbcBVQej/1IQSqTdX1HkQNARdhnvn:QpUoBhz1jSUDksEdhvn

Malware Config

Targets

    • Target

      2024-10-12_7bf9a0354b6332451f592281fc6aff3c_wannacry

    • Size

      2.2MB

    • MD5

      7bf9a0354b6332451f592281fc6aff3c

    • SHA1

      2cd2103b573ca57bfc362d88b3b84f5da62f089b

    • SHA256

      84d63d7681779ea034885d0732595fa0efab9abbd1eac0dccf30bfd318faef31

    • SHA512

      398f4311f6d64b8ae562792b6954d481690796102f0f6155d5100ac58ca6f34d6e6f62a6277a809c11946a33eeb16d1e4f22f582abcfcb4797af68249e3f0a57

    • SSDEEP

      49152:QnpEjbcBVQej/1IQSqTdX1HkQNARdhnvn:QpUoBhz1jSUDksEdhvn

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3262) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks