General

  • Target

    2024-12-22_938c3c66f6d704b18a6bf7c2e278c07a_wannacry

  • Size

    3.6MB

  • Sample

    241222-f46hgavqdt

  • MD5

    938c3c66f6d704b18a6bf7c2e278c07a

  • SHA1

    a38ff346ce8ae9a275ef32462dabf6fd29854c75

  • SHA256

    b3aa2b6c55ec3747d1bbeea1829cd16c3305576d218de740ec98d0e5170eb8f9

  • SHA512

    8097bd6d1e3b72d6bdc59bdea5f69adf9ed785c4c8c59b105a75a0e37cc41d02e94f57d3d06183ddbd4aa8bc68b1cbc7b01cb6203607a11560d65bcb2668b47e

  • SSDEEP

    49152:4nFQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvREauQHI:oeqPoBhz1aRxcSUDk36SAEdhvYQHI

Malware Config

Targets

    • Target

      2024-12-22_938c3c66f6d704b18a6bf7c2e278c07a_wannacry

    • Size

      3.6MB

    • MD5

      938c3c66f6d704b18a6bf7c2e278c07a

    • SHA1

      a38ff346ce8ae9a275ef32462dabf6fd29854c75

    • SHA256

      b3aa2b6c55ec3747d1bbeea1829cd16c3305576d218de740ec98d0e5170eb8f9

    • SHA512

      8097bd6d1e3b72d6bdc59bdea5f69adf9ed785c4c8c59b105a75a0e37cc41d02e94f57d3d06183ddbd4aa8bc68b1cbc7b01cb6203607a11560d65bcb2668b47e

    • SSDEEP

      49152:4nFQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvREauQHI:oeqPoBhz1aRxcSUDk36SAEdhvYQHI

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (3183) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks