General

  • Target

    2024-12-21_d0200e9b93e8a4d28c5d50c3dee59906_wannacry

  • Size

    5.0MB

  • Sample

    241221-mj4lpsxqhz

  • MD5

    d0200e9b93e8a4d28c5d50c3dee59906

  • SHA1

    07aa4e0c21252afdb96e98c10632ec89e9308054

  • SHA256

    eaaa39a574b53e6dbcb73c94232f69af02e5babd2a16525d701d072c43945565

  • SHA512

    de4c460cba13f7c9d8d807bb234d943b2c0935b38c3f3ff4bb6653e4328df65c37272c980f9b0c94be2ed0c6628d74034c78120bdd2a91537a859a87174b9914

  • SSDEEP

    49152:2nmMSPbcBV0+TSqTdX1HkQo6SAAc1PAME:ymPoBicSUDk36SAp1P5

Malware Config

Targets

    • Target

      2024-12-21_d0200e9b93e8a4d28c5d50c3dee59906_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (3170) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks