General

  • Target

    2024-11-20_b5b1ea94a40c7abe240c29518a8b4a96_wannacry

  • Size

    3.6MB

  • Sample

    241120-lm4v7svhrp

  • MD5

    b5b1ea94a40c7abe240c29518a8b4a96

  • SHA1

    4b72378a3900403c1196b8d3c93ab32e01eb34bc

  • SHA256

    046a222a0909116a1183c8d9ecb5bdc2d0068978fe0cf34e60ff671a5adcde34

  • SHA512

    79e0e84bd4d47b6cd38e80f6f7cf115d62699d6a7f1a9e55f61f66391a137f8718847ca19824d48d794b87c42b3e906968556aa7475881dbe2125dc301e22c9b

  • SSDEEP

    98304:onj5mqtRvJEZ+jT4guDNIltHTOibMR3LvYuENf07dFfmh+OcvTrvM3R/zTqg0qFK:onK2/yGr6RL

Malware Config

Targets

    • Target

      2024-11-20_b5b1ea94a40c7abe240c29518a8b4a96_wannacry

    • Size

      3.6MB

    • MD5

      b5b1ea94a40c7abe240c29518a8b4a96

    • SHA1

      4b72378a3900403c1196b8d3c93ab32e01eb34bc

    • SHA256

      046a222a0909116a1183c8d9ecb5bdc2d0068978fe0cf34e60ff671a5adcde34

    • SHA512

      79e0e84bd4d47b6cd38e80f6f7cf115d62699d6a7f1a9e55f61f66391a137f8718847ca19824d48d794b87c42b3e906968556aa7475881dbe2125dc301e22c9b

    • SSDEEP

      98304:onj5mqtRvJEZ+jT4guDNIltHTOibMR3LvYuENf07dFfmh+OcvTrvM3R/zTqg0qFK:onK2/yGr6RL

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (3183) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks