General

  • Target

    2024-12-22_d2105e8f213d6f88c70e644c1d45ea50_wannacry

  • Size

    5.0MB

  • Sample

    241222-p57atszjej

  • MD5

    d2105e8f213d6f88c70e644c1d45ea50

  • SHA1

    4d6f955d7d56c38acaacacd9ac043edda7a1bc49

  • SHA256

    0a1f65d6e2661ed3eaa9cc6fc8b4b447b5d9b0fe4ad0de653d3aca1c76a02954

  • SHA512

    7706235510713b9c4b274021b1ee1a7b413e2e0c071312bea017d647796b8bba317b9bf36f0dfcf53314f7b5f20148fac9cdee160a1feb8aa5551d9bed6a21b1

  • SSDEEP

    6144:UE9l9yNqIYVTH5DgSg8ajldktM0XXrs2QhMV9qbBLIwYQu:UwbLgPluxQhMbaIMu

Targets

    • Target

      2024-12-22_d2105e8f213d6f88c70e644c1d45ea50_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large number (3246) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
