• A model of a detailed report is shown in the below link , so we can create our own report with the evidences that has been collected during the analysis and write it as a simialr report.

REPORT LINK :

https://www.fireeye.com/blog/threat-research/2017/05/wannacry-malware-profile.html

REMEDIATIONS

1. Patch everything to the latest patch level
2. Allow the kill-switch domain resolution in the firewall/proxy
3. Network segmentation
4. Disable SMBv1
5. Firewall rules for port 445
6. Block malicious hashes in your antivirus
7. Block malicious unique filenames in your antivirus

TIMELINE ACTIVITY - WANNACRY