I have put together a little "petri dish" test environment and started looking for a sample that has the exploit. Some samples out there simply do not have the exploit code, and even tough they will encrypt the files locally, sometimes the mounted shares too, they would not spread.
Luckily, I have found this nice blog post from McAfee Labs: https://securingtomorrow.mcafee.com/mcafee-labs/analysis-wannacry-ransomware/ with the reference to the sample SHA256: 24d004a104d4d54034dbcffc2a4b19a11f39008a575aa614ea04703480b1022c (they keep referring to samples with MD5, which is still a very-very bad practice, but the hash is MD5: DB349B97C37D22F5EA1D1841E3C89EB4)
Once I got the sample from the VxStream Sandbox site, dropped it in the test environment, and monitored it with Security Onion. I was super happy to see it spreading, despite the fact that for the first run my Windows 7 x64 VM went to BSOD as the EthernalBlue exploit failed.
But the second run was a full success, all my Windows 7 VMs got infected. Brad was so kind and made a guest blog post at one of my favorite sites, www.malware-traffic-analysis.net so you can find the pcap, description of the test environment and some screenshots here: http://malware-traffic-analysis.net/2017/05/18/index2.html
Related links
- Pentest Tools Website
- Hacking Tools For Games
- Hacker Techniques Tools And Incident Handling
- Hack Tools Download
- Pentest Tools Free
- Pentest Tools Framework
- Pentest Tools Android
- Pentest Tools Url Fuzzer
- Hacking Tools For Windows Free Download
- Hacking Tools Mac
- Bluetooth Hacking Tools Kali
- Hacking Tools For Windows Free Download
- New Hack Tools
- Pentest Tools Windows
- Hack Tools For Mac
- Hack Tools Mac
- Hacking Tools 2020
- Ethical Hacker Tools
- Hack Apps
- Hack Tools Online
- Growth Hacker Tools
- Best Hacking Tools 2020
- Termux Hacking Tools 2019
- Underground Hacker Sites
- Black Hat Hacker Tools
- Pentest Tools Tcp Port Scanner
- Hackers Toolbox
- What Are Hacking Tools
- Pentest Tools Website Vulnerability
- Hack Tools For Ubuntu
- Beginner Hacker Tools
- Kik Hack Tools
- Hacking Tools Kit
- Install Pentest Tools Ubuntu
- Hacking Tools 2019
- Pentest Tools List
- Hacking Tools For Games
- Hacker Tools 2020
- Hacking Tools For Kali Linux
- Pentest Tools List
- Hacking Tools And Software
- Hack App
- Hacking Tools Name
- Hacker Tools 2020
- Hack Tools Github
- Hacker Tools Apk
- Nsa Hack Tools Download
- Beginner Hacker Tools
- Hacker Tools Apk Download
- Hacking Tools Hardware
- Hack Tools Download
- Hack Tools For Mac
- New Hacker Tools
- Hacks And Tools
- Hacker Security Tools
- Usb Pentest Tools
- Hacking Tools For Windows 7
- Hacking Tools Mac
- Hacking Tools Hardware
- Pentest Tools Download
- Pentest Tools Subdomain
- Pentest Tools Apk
- Hacking Tools Windows 10
- Pentest Tools Linux
- Hacking Tools Software
- World No 1 Hacker Software
- Pentest Automation Tools
- Best Hacking Tools 2019
- Hack Apps
- Pentest Tools Kali Linux
- Pentest Box Tools Download
- Hacking Tools Name
- Hacking Tools Hardware
- Pentest Tools Tcp Port Scanner
- Free Pentest Tools For Windows
- How To Hack
- Pentest Tools Review
- Hacking Tools Name
- Pentest Tools Alternative
- Hacker Tools Windows
- Best Pentesting Tools 2018
- Nsa Hack Tools Download
- Nsa Hack Tools Download
Aucun commentaire:
Enregistrer un commentaire