General

  • Target

    405ca1e135c0db4d4394f1e343c4b1f60d77f5573ea03f199fe3fd7ea61ecde2N

  • Size

    3.6MB

  • Sample

    241022-djnqtatamd

  • MD5

    16c9fc4bb5aadc37c8cdcde301cf44d0

  • SHA1

    b33db650e6901dcbf1d048bdeeccbfbbb59e2463

  • SHA256

    405ca1e135c0db4d4394f1e343c4b1f60d77f5573ea03f199fe3fd7ea61ecde2

  • SHA512

    d815d67dbaaa9ddecfa8842374c2c311c5869f3448177e674874dcdf62e08b4c956890cb581725d0020684c5318fedcfc3b7b67c15dc7bf7eae9d2d0d855fe1b

  • SSDEEP

    98304:Z8qPoBhz1aRxcSUDk36SAEdhvxWa9P5BZx8:Z8qPe1Cxcxk3ZAEUadj78

Malware Config

Targets

    • Target

      405ca1e135c0db4d4394f1e343c4b1f60d77f5573ea03f199fe3fd7ea61ecde2N

    • Size

      3.6MB

    • MD5

      16c9fc4bb5aadc37c8cdcde301cf44d0

    • SHA1

      b33db650e6901dcbf1d048bdeeccbfbbb59e2463

    • SHA256

      405ca1e135c0db4d4394f1e343c4b1f60d77f5573ea03f199fe3fd7ea61ecde2

    • SHA512

      d815d67dbaaa9ddecfa8842374c2c311c5869f3448177e674874dcdf62e08b4c956890cb581725d0020684c5318fedcfc3b7b67c15dc7bf7eae9d2d0d855fe1b

    • SSDEEP

      98304:Z8qPoBhz1aRxcSUDk36SAEdhvxWa9P5BZx8:Z8qPe1Cxcxk3ZAEUadj78

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (2455) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks