General

  • Target

    2025-05-16_39505b9f80206163db0137a7c9568bdf_elex_wannacry

  • Size

    3.6MB

  • Sample

    250516-a9f7wacj91

  • MD5

    39505b9f80206163db0137a7c9568bdf

  • SHA1

    74d7ad644550a22a86539c8b14b0a31c6f6ab12d

  • SHA256

    a4fe6af39cf3f2e970f5ead212eefb985e253eec4983561b9f23cc333317f8f1

  • SHA512

    6ff0d219fd201486d4ccb333b4361512f1ddb0765e89e180b30a17313caaa94dacc942d7a29c8db378e5e860353e4a4170163808c5bf1dda54bdd85dda4b394d

  • SSDEEP

    49152:2nAQiMSPbcBVQej/++TSqTpo6SAARdhnv1:yDiPoBhz+cSUO6SAEdhv1

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (3245) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
