Blog

WannaCry IOCs and Technical Details

May 12th, 2017 by Section 8

Technical Details It is currently unclear whether this payload is delivered via malicious attachment or through the WAN using the FuzzBunch EternalBlue SMB exploit. The malware behaves much like typical ransomware during execution on the victim’s machine. Below are the operations that are ran via cmd.exe: /c vssadmin delete shadows /all /quiet & wmic shadowcopy […]

Read More

WannaCry? You might.

May 12th, 2017 by Section 8

Urgent information regarding WanaCrypt/WannaCry/WCry Ransom-ware Outbreak Today, 12 May 2017, a massive ransomware outbreak has been reported across the globe. There are reports of computer systems completely locked up in Russia, Western Europe, East Asia and North America. British hospitals and a Spanish telecom company have been the largest confirmed victims thus far, along with […]

Read More

Field Offices

Connect With us