General

  • Target

    2024-10-12_8492e1e058a2af899a9dddb79c63d03f_wannacry

  • Size

    2.2MB

  • Sample

    241012-ebdfjs1gkg

  • MD5

    8492e1e058a2af899a9dddb79c63d03f

  • SHA1

    5234de7cff489654cac7c6c6c6be32cd3c56b1ad

  • SHA256

    d3a771f19c2d05e298d8ebdda04a17d0fa20da4aaf724aace9814554a3b06dee

  • SHA512

    31246df8f8acc2571bbbdce9deb9ab0a33092bba5192e57dcef0ebda21dfc1691db58a50e0eb44e36b64e17bd899ed16245ac897599605c16b64fb4f0b27ef70

  • SSDEEP

    49152:QnsEMSPbcBVQej/1INRx+TSqTdX1HkQo6SA+vn:QfPoBhz1aRxcSUDk36SAWn

Malware Config

Targets

    • Target

      2024-10-12_8492e1e058a2af899a9dddb79c63d03f_wannacry

    • Size

      2.2MB

    • MD5

      8492e1e058a2af899a9dddb79c63d03f

    • SHA1

      5234de7cff489654cac7c6c6c6be32cd3c56b1ad

    • SHA256

      d3a771f19c2d05e298d8ebdda04a17d0fa20da4aaf724aace9814554a3b06dee

    • SHA512

      31246df8f8acc2571bbbdce9deb9ab0a33092bba5192e57dcef0ebda21dfc1691db58a50e0eb44e36b64e17bd899ed16245ac897599605c16b64fb4f0b27ef70

    • SSDEEP

      49152:QnsEMSPbcBVQej/1INRx+TSqTdX1HkQo6SA+vn:QfPoBhz1aRxcSUDk36SAWn

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3320) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks