DNS Domains linked to WannaCry ransomware campaign
Displays client DNS request for any of the known domains linked to #WannaCry. These results may indicate #Wannacry #Wannacrypt ransomware infection. Domain listing from https://pastebin.com/cRUii32E
Source: Github - Microsoft
MITRE ATT&CK Tactics
It is recommended to review the Firewall\Webproxy logs in relation to the ClientIP making the WannaCry requests.
Quarantine suspected host and perform a full antimalware scan.