General

  • Target

    2025-02-01_4c26909b1673d91aba4e71bc14880c60_wannacry

  • Size

    5.0MB

  • Sample

    250201-wcpcwavpar

  • MD5

    4c26909b1673d91aba4e71bc14880c60

  • SHA1

    6a1d4cc24650ff953542022e600ff6e9f2e91bc4

  • SHA256

    505e3a369785afafe75e37efea31e86354766fca3761058679d0aad94175eb5d

  • SHA512

    ed288b85f88070951dc5605d4e092a0d61344613d319c3d2f52e00279723d38695f15a885591af483b46c6abc48da8c6ab45bf7f45d10a0c99ff12ef238acfbd

  • SSDEEP

    98304:XDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:XDqPe1Cxcxk3ZAEUadzR8yc4H

Targets

    • Target

      2025-02-01_4c26909b1673d91aba4e71bc14880c60_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (3278) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory