General

  • Target

    2024-10-12_529a90fefaf879ab2cc212a5a2b6ca3a_wannacry

  • Size

    3.6MB

  • Sample

    241012-eb8axswcqq

  • MD5

    529a90fefaf879ab2cc212a5a2b6ca3a

  • SHA1

    85d08e6dcbe6912a0cbe583e5baabec51c95fd07

  • SHA256

    232096e2be0f4a1975c8f0c7ae25965a53bec7f6e3e9930b4de7c0b30ef47b1d

  • SHA512

    35a60e82c09defeb66e7a78fb838a3bfb36b3196e8e9d74fa5cad314e0178f357d21db29fc13ef639bf747e480b66c6f443f50ff0ed8662de5e4a7df691e0c11

  • SSDEEP

    49152:2nAQqMSPbcBVW/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9BVvI:yDqPoBg1aRxcSUDk36SAEdhvxWa9U

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3241) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
