General

  • Target

    e6a25bd51871027b721faa8725ecc1dd95f01a9a239677ea935c2773fa92a4d2N

  • Size

    5.0MB

  • Sample

    241107-qerccsskcz

  • MD5

    1cea714d9e2d28cc57b14fc0b1de9450

  • SHA1

    a34a4a94fa58810a2aa60420859eca6e734375a8

  • SHA256

    e6a25bd51871027b721faa8725ecc1dd95f01a9a239677ea935c2773fa92a4d2

  • SHA512

    e234c65c6a47ceb3241b30096149548dad935715b0afcaadba81a33babb1b125c1f84c2b00f11bc1402b911daa99b7b108a4c127df4ca9a4934d6de4dd5d4fc4

  • SSDEEP

    49152:2nAQqMSPbcBVQej0x+TSqTdv6SA9vxJM0H9PAMEcxyAH1plAH:yDqPoBhwxcSUR6SAVxWa9P5HyAVp2H

Malware Config

Targets

    • Target

      e6a25bd51871027b721faa8725ecc1dd95f01a9a239677ea935c2773fa92a4d2N

    • Size

      5.0MB

    • MD5

      1cea714d9e2d28cc57b14fc0b1de9450

    • SHA1

      a34a4a94fa58810a2aa60420859eca6e734375a8

    • SHA256

      e6a25bd51871027b721faa8725ecc1dd95f01a9a239677ea935c2773fa92a4d2

    • SHA512

      e234c65c6a47ceb3241b30096149548dad935715b0afcaadba81a33babb1b125c1f84c2b00f11bc1402b911daa99b7b108a4c127df4ca9a4934d6de4dd5d4fc4

    • SSDEEP

      49152:2nAQqMSPbcBVQej0x+TSqTdv6SA9vxJM0H9PAMEcxyAH1plAH:yDqPoBhwxcSUR6SAVxWa9P5HyAVp2H

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (2496) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks