General

  • Target

    2024-10-12_66f90b20a55a95ac3c40881296c1e052_wannacry

  • Size

    3.6MB

  • Sample

    241012-ef8r9asarg

  • MD5

    66f90b20a55a95ac3c40881296c1e052

  • SHA1

    7f5feea526786b9303fa0b0cc598cbd6ff6c9bbf

  • SHA256

    2e7272a4815c5eb858fd96775093bb43331afd613e00125dcf3c0869a0360a77

  • SHA512

    bafbe5dab300abb02ea5e1ca49c91a80b5ba5f3e5554059d88840e208cce703892b0e42f40786a119d700513724a22da26f6f3cb5d3d630ab5d63c42594f32c8

  • SSDEEP

    49152:2nAQqMSPbcBVTNRx+TSqTdX1HkQo6SAARdhnv:yDqPoBfRxcSUDk36SAEdhv

Targets

    • Target

      2024-10-12_66f90b20a55a95ac3c40881296c1e052_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3227) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
