General
-
Target
2024-12-26_b688640496e9c53dc8761d4cb53f2781_wannacry
-
Size
3.6MB
-
Sample
241226-2l1edstld1
-
MD5
b688640496e9c53dc8761d4cb53f2781
-
SHA1
298790a7f7fdfb164502f4ba13f4f0326a02f39b
-
SHA256
1418d7f0d1df0f40eda9924f5aed3f66f23be761b68ebf51596ab4abf1d48b22
-
SHA512
f99d41a4db89910db6bc457d3b17d143e355c56a925ae63b4cc9effa5f0bea778519ad9c1ae6303b50e7480e5bfe6ab946c4fe0e2773f9a8102632764357099f
-
SSDEEP
6144:8E9l9ynqIYVTH5DgSg8ajldktM0XXrP2QhMV9qb:8ebLgPlu+QhMb
Malware Config
Targets
-
-
Target
2024-12-26_b688640496e9c53dc8761d4cb53f2781_wannacry
-
Size
3.6MB
-
MD5
b688640496e9c53dc8761d4cb53f2781
-
SHA1
298790a7f7fdfb164502f4ba13f4f0326a02f39b
-
SHA256
1418d7f0d1df0f40eda9924f5aed3f66f23be761b68ebf51596ab4abf1d48b22
-
SHA512
f99d41a4db89910db6bc457d3b17d143e355c56a925ae63b4cc9effa5f0bea778519ad9c1ae6303b50e7480e5bfe6ab946c4fe0e2773f9a8102632764357099f
-
SSDEEP
6144:8E9l9ynqIYVTH5DgSg8ajldktM0XXrP2QhMV9qb:8ebLgPlu+QhMb
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Wannacry family
-
Contacts a large (3309) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
2Windows File and Directory Permissions Modification
1Hide Artifacts
1Hidden Files and Directories
1