General

  • Target

    2024-10-30_9c7f041deba1b147bde345d639a024c1_wannacry

  • Size

    5.0MB

  • Sample

    241030-xwgmtazdqq

  • MD5

    9c7f041deba1b147bde345d639a024c1

  • SHA1

    9475c1bb2410bd0e6e550f4eb8fc2f6a2bede087

  • SHA256

    4b7c28a20eb88331511df437b93a3689b367bba7171bd11faa3426dcd439b0d6

  • SHA512

    6a303dd8b34695ea0d32dbd0dea9550bf954e97d41d199d1963ec1f6e32ed15163cef881a124aadcd8afb3f1f05d2f186c0b2d1a64116ac4128cb2fe1ebdbf20

  • SSDEEP

    49152:2nAQqMSPbcBKvxJM0H9PAMEcaEau3R8yAH1plAH:yDqPoBSxWa9P593R8yAVp2H

Targets

    • Target

      2024-10-30_9c7f041deba1b147bde345d639a024c1_wannacry

    • Size

      5.0MB

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (3304) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
