General

  • Target

    2024-10-12_b0863a758670f1081eb0319bad7b76f5_wannacry

  • Size

    2.2MB

  • Sample

    241012-egyzfawflq

  • MD5

    b0863a758670f1081eb0319bad7b76f5

  • SHA1

    51266e9e6d4be12aa09268cc84f5e5a869069aef

  • SHA256

    d8568496c15cdfc37b7410bd5d05d1d49f0b1372dd465faef0b5a580c9a7b35f

  • SHA512

    501167b7c19c4cfd86a65bf9f9cd1659e32df5df00eb8bbd94a320ad14b9d79849374d8584595b6240f65f86d9d4785f2fea9fa06b9f79e102deb5ae1486da02

  • SSDEEP

    24576:QbLguriIfAMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKok+RdhAdmvn:QnpAMSPbcBVQej/1IN1Rdhnvn

Malware Config

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3192) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
