General

  • Target

    2024-10-22_0dc15c83654511e132b4811f83753118_wannacry

  • Size

    5.0MB

  • Sample

    241022-mx374a1dpd

  • MD5

    0dc15c83654511e132b4811f83753118

  • SHA1

    1d50a4fc6fd4477f18ec80e76eae7ef607731baa

  • SHA256

    4aee932ceb8d0972444bfa89027751b18f408bf59d7df948a33bf475f2dd01f5

  • SHA512

    14bde6829d089c731896fcd03f37917ab8797847d8e818289ee94765deeeb799eb0594c3763b7b1497f0a089f26804e3f3604b94d5dd17c50b63c1dff4073c7a

  • SSDEEP

    98304:Z8qPoBhz1aRxcSUDk36SAEdhvxWa9P5BZx:Z8qPe1Cxcxk3ZAEUadj7

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3354) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
