← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
WannaCry
WHITE NSO Group - Pegasus OctoSeek 2024-02-01 Modified: 2024-03-02
11691
IOCs
HIGH VOLUME
WannaCry ransomware explained. WannaCry is an example of crypto ransomware, a type of malicious software (malware) used by cybercriminals to extort money
contactedtsara brashearsurls urlfilespegasusdomainscellbritetargets sasurvivorapple iosexecutionlockbitmalwarecoreawfulhacktoolcryptoransomexxquasarasyncratbot networkloaderransomwarewannacrycryptorencodercompilerwin32 dllpe32intelms windowsms visualwin32 dynamiclink librarywin16 nepe32 compilervs98containedw englishinfo compilerproductsheader intelname md5typelanguageoverlayas133618unknowncnameunitedgermany unknownukraine unknownireland unknownvirgin islandsas47846as39084 rinetdateencryptnextmicrosoft visual c++ v6.0as133618 trellian pty. limiteddynamicloaderhight1063yara rulemediumspoofshigh securitysoftwarediscoveryattemptsaprildropperreads selfbotsconnectbotnetsabeylibelmenacingbrother sabeyas15169 googleaaaasearchname serversas29182 jscrussia unknownfounderror
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Trojan:Win32/WannaCry.350
Indicators of Compromise (62 / 11691 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain URL hostname FilePath CVE email
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 b5f39007c3de62777b9f6f279644fedffacaf16e SHA1 of 0001f1c24ca83ead3fa847198d3935d66de76fc2d9d3fb9b8245cbd7fa5bc247 2024-02-01
FileHash-SHA1 5dace20258e5697635e5f59958f61449d85d6b93 SHA1 of 000361abbe97f10e37717557f0074523b51a1615d96053f01da04cdacf581ade 2024-02-01
FileHash-SHA1 f8f553ac79798f6314a71f2cf03740168aaa0bc3 SHA1 of 0024e50077f183f60d408cfbe776dc1e1a0469793ffb538007147dda55aaf677 2024-02-01
FileHash-SHA1 0cd39679167b8b7c9f87ee03dd3a81971c355e30 SHA1 of 000132f0480c29a1fab4aef700f0815a267b1e335c834654c239ca9208190733 2024-02-01
FileHash-SHA1 af7770d74addd473a0da0632fdfd29345d893702 SHA1 of 00006ce40a0c33fda4b8908a3acc95a7c6658edd51ca1f692d8b6e7c8cfb8c19 2024-02-01
FileHash-SHA1 02cdefb3911d0a73e021c15cf08c3eb0d115ca8d SHA1 of c2296e84f8006015a4c8de90ca33a2dafe61d6fd8a9a250dc3f3323fa71496a5 2024-02-01
FileHash-SHA1 04ae6c5ee39ae1f56bae5e91ecaafb7f7cbee5c7 SHA1 of 000ce16aa593d3de6ee74dc23d0ef231a77383c7545990d32c47f038314d0051 2024-02-01
FileHash-SHA1 05e65ee95f647f38c717c73a0399870912dd374a SHA1 of 3468e0c875db94a8f45d56ab76bbcc677b942ca51a23649ba3c5ad1b20e391f1 2024-02-01
FileHash-SHA1 0de5658b353d3b3ad471c0a2aabaaaaf6241fd08 SHA1 of 0000aa64e646b3f4a13d692ec3dd7ea2c04c28a9c4b37ff3186bdbe45dec6f65 2024-02-01
FileHash-SHA1 0f76499011ca1fbee2aefdac1c62aa8176adfe29 SHA1 of 0001b8b90088e0a5759863e26cde14821526f66c707f6f9ca72fdd8aabde7ccf 2024-02-01
FileHash-SHA1 1afb8487c05cd1d332a3df36c3cdf5a981d87909 SHA1 of 003e385a51f205b90f1bd1c60e4f2ea3c5dbb3866b17427fd1b82b59318708f3 2024-02-01
FileHash-SHA1 2472c96b834f22a49a36c2e20a6c3fc00a3ddc2f SHA1 of 24051d18e3365b917c740dc5ec61c6e7d195d0384f5712c6a00396564c403d2b 2024-02-01
FileHash-SHA1 250f411a1e602ff07d5a8316efdbc489d966b626 SHA1 of 000008f6750082ab37f16c85edba1de6e8cb43a97feb0499b93a81c77a7bfdfc 2024-02-01
FileHash-SHA1 27020a156c8198c4fde8bde4c0f85b7d066e6a26 SHA1 of 00230806e176a9a4b6953824aae1f7d04dc5a57bf8f31a08531f07d5abffc81c 2024-02-01
FileHash-SHA1 333951f50e9d2d23af6252d8328b6548831e14e9 SHA1 of 12f23f671492bafa574f927b04df701aa60ce6360d8d7c1627e58a35c3095a19 2024-02-01
FileHash-SHA1 3ac1b773775e87b81c9b73a5863adb07878130cf SHA1 of 00b10b8a8337a046bb47fda25e33be1c9a9c4fcb7092402bc0ef5adcbbe02cd4 2024-02-01
FileHash-SHA1 3d2ec6c639de523858da9b976abd4ec5f253ed9a SHA1 of 000294c708bdd9ddbfad3f527da950bbc9026cf4f7b19f2850b0ae97b09d5268 2024-02-01
FileHash-SHA1 41d6ff79879dd235dbe14d362e2123200d880205 SHA1 of 00029e18d3be11250d0721f502bb761bf7a4574b791842ed76616397f5258df6 2024-02-01
FileHash-SHA1 4844b72973af7104aa329c59a2b740257a1f55d0 SHA1 of 00158a161d55d914a09c6398b1668df120ae9ca074afb50192e2b8a53269f2d5 2024-02-01
FileHash-SHA1 4ab36f9be55bc85d95a6bb1801c7f0e979be2443 SHA1 of 00000eeca7589605cbf6372293444d14a49129a520a91a9d6889ebd0613445aa 2024-02-01
FileHash-SHA1 4f03682e9fc0365b2943f1041444f382581537ae SHA1 of 3ded916797bdcb7380459cde145b8471644b5f523d14fa9039ab178d19752821 2024-02-01
FileHash-SHA1 4f3a8caf7a63c373e2216d025dffe0a7566c74c9 SHA1 of 00034d3f2cff0402bf6d6bff9f131071ae08cfdf964203493c4466969b6d4b78 2024-02-01
FileHash-SHA1 534abc2d7afcd35196cb2caea043dcd8cfaa6bd4 SHA1 of 0002550f83c2429e58ad5cbc10c582a57b6c1fcff0779e79d5c32891091d6bc9 2024-02-01
FileHash-SHA1 5366788cdbab506b49840f9c2a66257c36303c9b SHA1 of 00000b8805181ec473d0283209920ad2bd4c6c099b6894581ac94aa1bc20fdec 2024-02-01
FileHash-SHA1 56e5c31739c10400d28fd56e445462251bc6b64e SHA1 of 00000ae84c4f1f2332ef155130b4b8d65f1ed972a9cd851fe9e85f236f8cfa32 2024-02-01
FileHash-SHA1 57a9ad41a989b7e1a25698b2ae6b1cac4ef07dc6 SHA1 of 1baf3db733e3284eba8e6bb01e40d8b7fbd326c9e8930f99c0f99d93598443e9 2024-02-01
FileHash-SHA1 61f0a37e1be6322acf25b342f9698039a2161850 SHA1 of 003e025d2271c52c7f8fd86ccb3d03a652b145f5c7351f1b5791194180c4474a 2024-02-01
FileHash-SHA1 61f9192e0fd99f30afec740da65f98ed8e3627d3 SHA1 of 0001eb229175ef5690be7fa3bb5b8e701b9bbdd874324fa72a9d6ed5fe109401 2024-02-01
FileHash-SHA1 62b0f0434851898e0f51b040c16efb7ca8df1a7b SHA1 of 074b9e8e53a3afc1bd1704de94f3ac9b8f7e57bd6dacee130018e4c59f364ca5 2024-02-01
FileHash-SHA1 6631724b1984e856354759e22b5451040a49978a SHA1 of 0007869cca91c9d46a0ef17fca8deff347c89f1dbfff3e1f7c9cf4acea0ba88e 2024-02-01
FileHash-SHA1 66f1319a18b4a4d13f163e0eb9a58da7c59d1695 SHA1 of 0003710ce6e0ab5899cd2048f8ee507b7a38c823cdaa78ba1506be913e8754c9 2024-02-01
FileHash-SHA1 79063158957f93d3e68bc32b45ad618d2537a218 SHA1 of 0001b78815d60f92fbb8c7d623be77f68fd9f848cd54567f2845f9e87ce3f9fc 2024-02-01
FileHash-SHA1 853ad0306b0b5b762faf671d4957363abba58edf SHA1 of 07bd21e95bd2447ef02df1a56852a4e691a592a03151f1a099c1208fccb08abb 2024-02-01
FileHash-SHA1 8b2b18ac77e7301770f9b62a1fa86829f3c7ffb2 SHA1 of 33c2f0f2c82f55eccdc5272a88763869e303066b2e5e40c47b25b2d58edf7cda 2024-02-01
FileHash-SHA1 9c17d822611a30f0e8cade3477e7f66d4bb9d06c SHA1 of 000297737263264d5bab4be8f8abf0b28f718255efce9d021d10c6db71ce062b 2024-02-01
FileHash-SHA1 a30fa98efc092684e8d1c5cff797bcc613562978 2024-02-01
FileHash-SHA1 a46025b9d05e3df30d610a8aef14f392c7058dc9 SHA1 of 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 2024-02-01
FileHash-SHA1 a6186d98e4579f6802b4e4bee551833da2f3f302 SHA1 of 0000028f80066ad99544cc7a79caa649ee72eca2711b1b1128df61ffd13b0657 2024-02-01
FileHash-SHA1 a65d898602bc5f9a474d738b874789645dc60273 SHA1 of 001e8c4394c42b4558588350da420c4226e21411905dbf13b9f323847e8be442 2024-02-01
FileHash-SHA1 aa94652b7384e93df05024516140bf3a3de5ea6e SHA1 of 0000cf372566d5c25954f185a35569771fab74c56bb6545ada9038cd3ba73de0 2024-02-01
FileHash-SHA1 aee3c48543f0fa215f9239da87d5da75fd93a793 SHA1 of 019b752fbfbfeca83ca459bfd78b7db1d5755b26fb90477fedfd68dfa3f78c69 2024-02-01
FileHash-SHA1 b1a03b66a98075b6c5797fbeee2abbd19293b433 SHA1 of 00002c16fbbc9a7bae8e379d6b91738aac993e908c92a765e12c1d424f74e5ca 2024-02-01
FileHash-SHA1 b1cdd6ccc14f5f65bef59975667d6306a1cd07b3 SHA1 of 0001c1409b360fc8e1b6933d20c7bfa42e1f5d7bc1593a5057a96930e0b53488 2024-02-01
FileHash-SHA1 b8a01d9f63fad8ed049b3dd245fbe63b3430a0c1 SHA1 of 01a96f44191d8eb10c8ed7fcbe1e626860af0d350d85974a033f753f669f7911 2024-02-01
FileHash-SHA1 b959a9cc5fc695e0de519d46d6a8e28793930dde SHA1 of 00004f0d2525749eb41f911902b3fd96ad6803f3fd4c6dc0e2046dc37f8edefc 2024-02-01
FileHash-SHA1 baebdc4f9f9cd38ef5a68af88a74fe4c95773dfd SHA1 of 3189f64435b8f61a9b6fe91c38551a5a574eefb6fc186bed75c9947b1f487ca4 2024-02-01
FileHash-SHA1 cd40f9470c3a1978c0abdb0e0324b644e36b9d95 SHA1 of 0000bbe2b06bd5b8a235cbe831da507991657d2c3191d142acff6bbded794833 2024-02-01
FileHash-SHA1 d00626fe2d3e0d8ea5d735514dbae36e1cc44e12 SHA1 of 0b4d8191c0a314caf8139d320e785739abb8f08363fab7dc37ceb87870c6e65e 2024-02-01
FileHash-SHA1 d276deee58156400da6aa6215a82e38adcc583c4 SHA1 of 00028a6a8afdef1ae3703e818ba5e9b64245863f0d2dda34e3110e9b11c81212 2024-02-01
FileHash-SHA1 ddfe3c9cd522d14decb1714f3232cdf9b086a9c6 SHA1 of 000127d103774b0e83a9c96a7a51cafe834ed0bec78450b3b86ef38e7cd02727 2024-02-01
FileHash-SHA1 dec44f1a28b2944895867ddfc2b5a7a8591dc707 SHA1 of bb845f5f4858d488b601f0e0f4ac423d3f5a0a6ac81a455927245194752e9dc2 2024-02-01
FileHash-SHA1 def92cd1a39062567e89304472236725d1cf8ebd SHA1 of 000002f1558a89f29984934d511289491032f9e96a249c12f2f6d42678264114 2024-02-01
FileHash-SHA1 e1f67fdde289790348fff5c2bf7d98fb3ea84cda SHA1 of 00133805d692da064e8e47b1d06298998764c5284606bbcd79ef753ca68cac41 2024-02-01
FileHash-SHA1 e20d29ab25d87e67094d6ef4790c5e92cc978627 SHA1 of 000da465080fdbdcf74e9ae8fd3d3a65cc070875c2fd1b660eaa38f97fb50e75 2024-02-01
FileHash-SHA1 e68cdb320220cb46073cfa45ada519fd4e75d7e0 SHA1 of 671425187f3ec0da502d2e6b760de93661c1cf5381f81d21c64c6015fbcde2b3 2024-02-01
FileHash-SHA1 ea9f8fd12805f385ed8bb88dc6e0fe62c653856d SHA1 of 000023276a724ec32da7cd0d2c828b1397f18b74d54a05d1afacf6255441014a 2024-02-01
FileHash-SHA1 f15d3fb965c6cb72842067b0153bacd55ecc53b2 SHA1 of 1877da8837462c05ab2466eac66cbc3966be3232cc1629590ef3705fbac442af 2024-02-01
FileHash-SHA1 fd4c2cbe7eaad6f1d7f15bad5d30fff4b63b7858 SHA1 of 000f4b1411746909f5a37b7104436144cdaf91c3fe1a8281361a7661dd2e4e3b 2024-02-01
FileHash-SHA1 29e2dcfbb16f63bb0254df7585a15bb6fb5e927d SHA1 of 693e9af84d3dfcc71e640e005bdc5e2e 2024-02-01
FileHash-SHA1 3c12dc4d54f8e22d666785b733b0052100c53444 2024-02-01
FileHash-SHA1 15358b9c48b301e4f3f471266f9c4203c00f7eaa 2024-02-01
FileHash-SHA1 2ec49b383fbc2da9d8953ced39772e8659adf9cf 2024-02-01
References (23)
↗ https://www.instagram.com/unipegasus_infotech_solutions/?hl=en (dang) ↗ cellebrite.com | enterprise.cellebrite.com ↗ http://pegasus.diskel.co.uk/ | china.pegasus-idc.com | imap.pegasustech.ne ↗ deviceinbox.com ↗ 671425187f3ec0da502d2e6b760de93661c1cf5381f81d21c64c6015fbcde2b3 ↗ c1a99e3bde9bad27e463c32b96311312.virus ↗ CS Yara rule:WannaCry_Ransomware from ruleset crime_wannacry by Florian Roth (Nextron Systems) (with the help of binar.ly) ↗ CS Yara rule:SUSP_Imphash_Mar23_2 from ruleset gen_imphash_detection by Arnim Rupp (https://github.com/ruppde) ↗ CS IDS rule: (icmp4) ICMP destination unreachable communication administratively prohibited ↗ CS IDS rule: (port_scan) TCP filtered portsweep ↗ CS IDS rule: (stream_tcp) data sent on stream after TCP reset received ↗ CS IDS rule: ET DROP Spamhaus DROP Listed Traffic Inbound group 14 ↗ CS Sigma Rule: Creation of an Executable by an Executable by frack113 ↗ Trojan:Win32/WannaCry.350 ↗ https://www.sweetheartvideo.com/tsara-brashears/ [Bot Network] ↗ angebot.staude.de ↗ https://otx.alienvault.com/indicator/file/1b7a83a7a35418afa60e88eabcb9fd5a8689700bba20dadb5fbad4e197ce1f1e ↗ https://cura360.com/foldawheel-phoenix-fully-powered-standing-wheelchair?utm_source=google&utm_medium=PLA&gad_source=1&gclid=EAIaIQobChMIw92wtdnigwMVhV9HAR126wDrEAQYASABEgJ_aPD_BwE ↗ https://www.anyxxxtube.net/search-porn/tsara-brashears/ ↗ https://www.sweetheartvideo.com/tsara-brashears/ ↗ https://www.pornhub.com/gifs/search?search=tsara+lynn+brashears+lesbian ↗ https://pin.it/ [Pinterest BotNetwork for Pegasus] ↗ http://joshuajenkinslaw.com/uploads/1/3/0/6/130639888/xetetorobezaj.pdf [redirect] http://joshuajenkinslaw.com/uploads/1/3/0/6/130639888/