General

  • Target

    2024-11-19_226c6d5c254b33f4d6d3dbca500b4e05_wannacry

  • Size

    5.0MB

  • Sample

    241119-rq3p7sxbkg

  • MD5

    226c6d5c254b33f4d6d3dbca500b4e05

  • SHA1

    6110bb3edc05f4f8946406daaad31ec02972a2df

  • SHA256

    e4d5d952ee8e2c5394ae92cc8dd13d83dd99e2960ea920946969d7f3d6b62b8e

  • SHA512

    4cc44c5457c1ea054f8e7fcd0c623ec3487ab0edfb586e1454e0fcd621d449ebe452fddd476c066a60900fd0e158852a82dd7262ba93ad0ac5f2880f9b49e3c4

  • SSDEEP

    49152:XnnMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:XnPoBhz1aRxcSUDk36SA

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (2981) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
