General

  • Target

    2024-11-19_f64696a354e8f91f07a7a34d06011c9a_wannacry

  • Size

    5.0MB

  • Sample

    241119-mv8pssvjht

  • MD5

    f64696a354e8f91f07a7a34d06011c9a

  • SHA1

    c1a04bcbd21d91f69a84a0b047d4019f2f5da000

  • SHA256

    bdf57a05ab02ccfd7bb5eefe6787d58c80a645d883202c2595fcd4d23e77efef

  • SHA512

    c3daf7152b20814834d7a0b6b6c83712023957ac170ec715d1b0aa4bc2178862d023ff2e14b3762c7987f450bb8da428675431878aed66456c7c2c68cd97dc84

  • SSDEEP

    6144:GE9l9yUqIYVTH5DgSg8ajldktM0XXrP2QhMV9qbBLIwYQuy8DLq1eNVDvMrH:GvbLgPlu+QhMbaIMu7L5NVEr

Malware Config

Targets

    • Target

      2024-11-19_f64696a354e8f91f07a7a34d06011c9a_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (3262) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks