General

  • Target

    2024-10-12_ec65776f77a02a7cd7287b4680eb9da5_wannacry

  • Size

    2.2MB

  • Sample

    241012-er1wsaxbrq

  • MD5

    ec65776f77a02a7cd7287b4680eb9da5

  • SHA1

    f473bd373017a276b73e464a0a14493bcd8825bd

  • SHA256

    b572542a0a67c2476cac763d2b2b9ebbaae07e5be257715a80c99d16ed8f7356

  • SHA512

    5d756404ed35a239a5461fc103ebea047df61d563ed1490b5d00dbfb0a8aea7d2ee751e3f79a259f38a09abbd0fb7e055e558e5b3b43ad2694dc93713918ba9a

  • SSDEEP

    24576:QbLguFQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLfk+RdhAdmvn:Qn1QqMSPbcBVQej/1INjRdhnvn

Targets

    • Target

      2024-10-12_ec65776f77a02a7cd7287b4680eb9da5_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3246) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
