General

  • Target

    2024-12-22_d41b55996fe1e2d3bc5849e058ad4583_wannacry

  • Size

    3.6MB

  • Sample

    241222-dkkesa1kht

  • MD5

    d41b55996fe1e2d3bc5849e058ad4583

  • SHA1

    d6e74aed7f07e032c4fbd4a92abd101ec7ced1e4

  • SHA256

    78b96431c6e0c46fb3e197ea17e5e4cea523c7a196a97c14c00fdd1d93924e3f

  • SHA512

    1566efadc9a1dc377aa87d169a65098366eaad9c591212366a8ca2da1f38fa7344aacdb8cdf8483ab020254fbc929a9f724ebc1f857e7d772e6b85441d1396f3

  • SSDEEP

    49152:2nAQcX1HkQo6SAARdhnvxJM0H9PAMEcaEau3R8yAH1plAHI:yDak36SAEdhvxWa9P593R8yAVp2HI

Targets

    • Target

      2024-12-22_d41b55996fe1e2d3bc5849e058ad4583_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (3219) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
