General

  • Target

    2024-12-22_860e1f44c66cc8fbaaf28fa9abe5095f_wannacry

  • Size

    3.6MB

  • Sample

    241222-s5c9jasmfs

  • MD5

    860e1f44c66cc8fbaaf28fa9abe5095f

  • SHA1

    955ebc13625f27f4c2d209f8a8a1a8ca1ae71c17

  • SHA256

    5e1d447755da017d7658d05fa4a204821a62151dd1dfd18bdbc47849a9bc1d56

  • SHA512

    13d699ac73508d9ab52e39f88c273205c0686e87bf1a7769bc88cdf44c4813ac4c95ac278b97219cf2098e459f845c85739ce435947842cd08a0e30d4f44727c

  • SSDEEP

    24576:VbLgdeQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626Wo/Gs:VnjQqMSPbcBVQej/1INRAW+Gs

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (3290) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
