General
-
Target
2024-12-26_9cf6ed4cfa01ff5be443218807108e99_wannacry
-
Size
3.6MB
-
Sample
241226-2jmeratkgt
-
MD5
9cf6ed4cfa01ff5be443218807108e99
-
SHA1
07baada0c4c6678f10b98e1787d7430e851e42f0
-
SHA256
0aab24eb961994e02101275f074106eca152d08ff7fe735f8836cc7bff67eb84
-
SHA512
c60a84ab31f8b34a3482891d9e4a530436e7312f1523821e6033c4fdab95c6a1f143d1f6a84def72c455034d3ac16ed84072f3736e262312da1e4535e17cde1e
-
SSDEEP
24576:bbLgdeQhfdmMSirYbcMNgef0QeQjG/Drt/8uME7A4IgxZ4RS/3DtDP:bnjQqMSPbcBVQej/f3R8s3R
Malware Config
Targets
-
-
Target
2024-12-26_9cf6ed4cfa01ff5be443218807108e99_wannacry
-
Size
3.6MB
-
MD5
9cf6ed4cfa01ff5be443218807108e99
-
SHA1
07baada0c4c6678f10b98e1787d7430e851e42f0
-
SHA256
0aab24eb961994e02101275f074106eca152d08ff7fe735f8836cc7bff67eb84
-
SHA512
c60a84ab31f8b34a3482891d9e4a530436e7312f1523821e6033c4fdab95c6a1f143d1f6a84def72c455034d3ac16ed84072f3736e262312da1e4535e17cde1e
-
SSDEEP
24576:bbLgdeQhfdmMSirYbcMNgef0QeQjG/Drt/8uME7A4IgxZ4RS/3DtDP:bnjQqMSPbcBVQej/f3R8s3R
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Wannacry family
-
Contacts a large (3239) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Modifies file permissions
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
2Windows File and Directory Permissions Modification
1Hide Artifacts
1Hidden Files and Directories
1