General

  • Target

    2024-10-28_fd5e61012cdd7c49e9e7ab84faf2fec6_wannacry

  • Size

    3.6MB

  • Sample

    241028-m678eaxfkc

  • MD5

    fd5e61012cdd7c49e9e7ab84faf2fec6

  • SHA1

    54f55fafa0a481f3df90b14580116b51d7f9cf0c

  • SHA256

    36c3e8d1f1a8a583c456853ea949d784f4b0654a2248f4a9764daa6d155d20cf

  • SHA512

    452c392196857bc07a1031bba5a38c5582f93803060680ea99a73969132fa56783f32b23387990184bc355a3c3d813e39a753661d6d19eba4b16906ad45d6867

  • SSDEEP

    98304:Z8qPoBhz1aRxcSUDk36SAEdhvxWa9P5hAVp2HI:Z8qPe1Cxcxk3ZAEUadzc4HI

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large number (3263) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
