General

  • Target

    2024-10-28_e8c90856e34bc026072884a6375323b1_wannacry

  • Size

    3.6MB

  • Sample

    241028-l2ejvswepe

  • MD5

    e8c90856e34bc026072884a6375323b1

  • SHA1

    8ac7503d63306f795c2cdaacfa2b426bae831a03

  • SHA256

    1bd7c0452f249b155cbe92812a117a4b366e9e86bd7707178bd0e106c1b185bb

  • SHA512

    1758c4f47b81ffecb6ccb18ee13e1447c6a5257d1cc4e8fc2050c0bcf96f74fdbe959cb7435bd822e477c51055acec7f690458c63ae25d41aff8088aa3142f32

  • SSDEEP

    49152:2nAQqMSPbcBVQej0x+TSqTdv6SA9vxJM0H9PAMEcxyAH1plAHI:yDqPoBhwxcSUR6SAVxWa9P5HyAVp2HI

Targets

    • Target

      2024-10-28_e8c90856e34bc026072884a6375323b1_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (3146) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
