Overview

overview

10

Static

static

3

07a5d326b1...18.dll

windows7-x64

10

07a5d326b1...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    07a5d326b196d166dc0618e7c25ac2b5_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240429-pg9q2sac56

  • MD5

    07a5d326b196d166dc0618e7c25ac2b5

  • SHA1

    7a23e2ef0682cfb8813a27dc559da187f9e178f5

  • SHA256

    5d7fa45d2fcb10893ee5bdbfc4b16bdeeffd34aa5791331332a8bbb1015cb63b

  • SHA512

    38088c24dacd01b7ecdef5afdbcbff2ee723bdea65d4e7138c5007b2de823aecd9db2f5e970ea4c132fac2938525b984d94dcc7c8d01af952bd79006b64ddfc2

  • SSDEEP

    98304:d8qPoBhz1aRxcSUDk36SAEdhvxWa9P593R8s3:d8qPe1Cxcxk3ZAEUadzR8s

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      07a5d326b196d166dc0618e7c25ac2b5_JaffaCakes118

    • Size

      5.0MB

    • MD5

      07a5d326b196d166dc0618e7c25ac2b5

    • SHA1

      7a23e2ef0682cfb8813a27dc559da187f9e178f5

    • SHA256

      5d7fa45d2fcb10893ee5bdbfc4b16bdeeffd34aa5791331332a8bbb1015cb63b

    • SHA512

      38088c24dacd01b7ecdef5afdbcbff2ee723bdea65d4e7138c5007b2de823aecd9db2f5e970ea4c132fac2938525b984d94dcc7c8d01af952bd79006b64ddfc2

    • SSDEEP

      98304:d8qPoBhz1aRxcSUDk36SAEdhvxWa9P593R8s3:d8qPe1Cxcxk3ZAEUadzR8s

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3195) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Modifies file permissions

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks