Rewterz Threat Alert – BlackCat Ransomware – Active IOCs
March 8, 2022
Rewterz Threat Alert – Ryuk Ransomware – Active IOCs
March 8, 2022
Severity
High
Analysis Summary
WannaCry (also known as WCry or WanaCryptor) is one of the most dangerous ransomware families. It first surfaced in a worldwide outbreak in May 2017 that affected over 150 nations and wreaked havoc on hospitals, banks, and telecommunication firms around the world. It has worm-like capabilities and exploits the SMBv1 vulnerability EternalBlue to propagate through a computer network. WannaCry encrypts user data and demands a Bitcoin payment to unlock it.
Impact
- File Encryption
Indicators of Compromise
Filename
- WannaCry[.]exe
MD5
- 24f32da258b8c42c71abfb7577fb35a8
- 984aacb68dbc13c0e9cb3aa441f69744
SHA-256
- 925b3acaa3252bf4d660eab22856fff155f3106c2fee7567711cb34374b499f3
- 4ae07a745c2c1d3dd0a42cd4da62336106a6c109ad2010092cb830dba106b414
SHA-1
- 762764822ea195640455e0cef916a0772db58686
- db0b746022231eccdaf345afd1d88f585931bfed
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.
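
One way to carry out the "Search for IOCs in your environment" step on a single host, as an added example that is not part of the original alert. The function names and the scan root are assumptions; the filename and hashes are the indicators listed above.

```python
import hashlib
import os
import sys

# Indicators copied from this alert; the filename is lowercased and un-defanged.
IOCS = {
    "md5": {"24f32da258b8c42c71abfb7577fb35a8", "984aacb68dbc13c0e9cb3aa441f69744"},
    "sha1": {"762764822ea195640455e0cef916a0772db58686",
             "db0b746022231eccdaf345afd1d88f585931bfed"},
    "sha256": {"925b3acaa3252bf4d660eab22856fff155f3106c2fee7567711cb34374b499f3",
               "4ae07a745c2c1d3dd0a42cd4da62336106a6c109ad2010092cb830dba106b414"},
}
IOC_FILENAME = "wannacry.exe"

def file_digests(path, chunk_size=1 << 20):
    """Read the file once, in chunks, and return all three hex digests."""
    hashers = {alg: hashlib.new(alg) for alg in IOCS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}

def match_file(path):
    """Return the reasons a file matches the alert (empty list if none)."""
    reasons = []
    if os.path.basename(path).lower() == IOC_FILENAME:
        reasons.append("filename")  # weak on its own: names are trivially changed
    try:
        digests = file_digests(path)
    except OSError:
        return reasons  # locked or unreadable file: keep any filename match
    reasons += [f"{alg}:{d}" for alg, d in digests.items() if d in IOCS[alg]]
    return reasons

def scan_tree(root):
    """Walk root (symlinks skipped) and return {path: reasons} for each match."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            reasons = [] if os.path.islink(path) else match_file(path)
            if reasons:
                hits[path] = reasons
    return hits

if __name__ == "__main__":
    for path, reasons in scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(path, ", ".join(reasons))
```

A hash match only identifies these exact samples, so an empty result does not rule out other WannaCry variants.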