General
-
Target
0636efc4ba52127196acae91afa113e2_JaffaCakes118
-
Size
5.0MB
-
Sample
240428-2ftpnabb61
-
MD5
0636efc4ba52127196acae91afa113e2
-
SHA1
be34539aa752513108b5a4f5fbbacb91835e74f8
-
SHA256
8bbab918a16a0d1f71a56893042b37d9bccba90e5b04c074ed8bd4fd755cc02f
-
SHA512
da78c335edcc29715f8527f503f57cffd46b3417fa69eb55d16ccec369e0c8a8cff342c89afba06f96f4a542b2600070bad03211f728d3840c8eb84b4bd18f9a
-
SSDEEP
49152:snjQqMSPbcBV1+TSqTdX1HkQo6SAARdhnvxJM0H9PAMEcaEau3R8SSS:M8qPoBfcSUDk36SAEdhvxWa9P593R8w
Malware Config
Targets
-
-
Target
0636efc4ba52127196acae91afa113e2_JaffaCakes118
-
Size
5.0MB
-
MD5
0636efc4ba52127196acae91afa113e2
-
SHA1
be34539aa752513108b5a4f5fbbacb91835e74f8
-
SHA256
8bbab918a16a0d1f71a56893042b37d9bccba90e5b04c074ed8bd4fd755cc02f
-
SHA512
da78c335edcc29715f8527f503f57cffd46b3417fa69eb55d16ccec369e0c8a8cff342c89afba06f96f4a542b2600070bad03211f728d3840c8eb84b4bd18f9a
-
SSDEEP
49152:snjQqMSPbcBV1+TSqTdX1HkQo6SAARdhnvxJM0H9PAMEcaEau3R8SSS:M8qPoBfcSUDk36SAEdhvxWa9P593R8w
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3200) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-