General
-
Target
ad31ca449f285250368196306a8ad77a.dll
-
Size
5.0MB
-
Sample
250115-xmgw8atjal
-
MD5
ad31ca449f285250368196306a8ad77a
-
SHA1
abefa604d54027fac646df910a9ecbc462b01ec2
-
SHA256
962caf150b14b5804de96484e8b911f93fcb26ab11f7e713d3f0c02a211c2577
-
SHA512
57700c858fd9f1b3bea65af6a75fc9770a8b7b98ae195b3d53d62a4d315012ea28cc28a4e2e7dc55e137e5611cf049f0cfe4ffc6110e3bfe22a437cb52af7c15
-
SSDEEP
49152:Sn+qMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:++qPoBhz1aRxcSUDk36SAEdhvxWa9
Malware Config
Targets
-
-
Target
ad31ca449f285250368196306a8ad77a.dll
-
Size
5.0MB
-
MD5
ad31ca449f285250368196306a8ad77a
-
SHA1
abefa604d54027fac646df910a9ecbc462b01ec2
-
SHA256
962caf150b14b5804de96484e8b911f93fcb26ab11f7e713d3f0c02a211c2577
-
SHA512
57700c858fd9f1b3bea65af6a75fc9770a8b7b98ae195b3d53d62a4d315012ea28cc28a4e2e7dc55e137e5611cf049f0cfe4ffc6110e3bfe22a437cb52af7c15
-
SSDEEP
49152:Sn+qMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:++qPoBhz1aRxcSUDk36SAEdhvxWa9
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Wannacry family
-
Contacts a large (3172) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-