General

  • Target

    2024-10-12_53f2593aa6e7740ae3806e3a0c331efd_wannacry

  • Size

    3.6MB

  • Sample

    241012-echrna1grb

  • MD5

    53f2593aa6e7740ae3806e3a0c331efd

  • SHA1

    4e3eb4671ef74d0a768fd3101662e065b069bd22

  • SHA256

    2c2f428aad3045213974f0847a6ed750e92a453e50298725e4a54a8d85a64615

  • SHA512

    f76e0b9652b6a0c853b5062d569da534ff882e462f8a584ffea1a467f7b038d13ab2c155d2e7f6e4d0f77e853d304b7ecaf37cf70b74dfb49ad5763813ed86ab

  • SSDEEP

    49152:2nAQqMSPbcBVQjSAARdhnvxJM0H9PAMEcaEau3R8yAH1plAmy:yDqPoBcSAEdhvxWa9P593R8yAVp2

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large number (3278) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
