General
-
Target
2024-10-12_181594261714b65b84feefe01627e76a_wannacry
-
Size
5.0MB
-
Sample
241012-tx31natglr
-
MD5
181594261714b65b84feefe01627e76a
-
SHA1
5d00f4d567e7dff79c755e9d4e76501fa868574e
-
SHA256
207cf02fbdfcbbbfa5ff3c2ab83a21153768aab0eb3b1f6848b2de00a67f76d5
-
SHA512
10bd1b25d95d3d5dab900382fe71c7c5f2dde5b0d1677ea79e9dfdfbe5ef8991d95d09125afafea90e01d7933b9cec27040b9614b928ed918e5fe60aedce156a
-
SSDEEP
98304:nDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2HtD527BWG:nDqPe1Cxcxk3ZAEUadzR8yc4HtVQBWG
Malware Config
Targets
-
-
Target
2024-10-12_181594261714b65b84feefe01627e76a_wannacry
-
Size
5.0MB
-
MD5
181594261714b65b84feefe01627e76a
-
SHA1
5d00f4d567e7dff79c755e9d4e76501fa868574e
-
SHA256
207cf02fbdfcbbbfa5ff3c2ab83a21153768aab0eb3b1f6848b2de00a67f76d5
-
SHA512
10bd1b25d95d3d5dab900382fe71c7c5f2dde5b0d1677ea79e9dfdfbe5ef8991d95d09125afafea90e01d7933b9cec27040b9614b928ed918e5fe60aedce156a
-
SSDEEP
98304:nDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2HtD527BWG:nDqPe1Cxcxk3ZAEUadzR8yc4HtVQBWG
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3306) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-