General

  • Target

    2024-10-12_817a1d8d5a06e3178f2d74b49f1e5b22_wannacry

  • Size

    3.6MB

  • Sample

    241012-eazmdswckq

  • MD5

    817a1d8d5a06e3178f2d74b49f1e5b22

  • SHA1

    b67c4155b7ad51cd3c927dcdbf0b17ccb964c792

  • SHA256

    34e3aecdfc6796c92faae272325397ffc6c43378d282e6023381c8337e4ef316

  • SHA512

    5eacdb56a8e90f7dfc55a679a0480ecf3f68b893860819c20a6dba4703a271930b8c8a27143befe6e048fcd4cb44794d783b4fa3cfdfa25b133d0c0aed6afbd3

  • SSDEEP

    98304:XDqPoBhz1aRxcSUmxWa9P593R8yAVp2HI:XDqPe1CxcXadzR8yc4HI

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3050) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
