General
-
Target
11e240d70f2e38cecfba1799d8046678_JaffaCakes118
-
Size
5.0MB
-
Sample
240504-kbss5age3z
-
MD5
11e240d70f2e38cecfba1799d8046678
-
SHA1
33b54e5eebec3eab8fa7159015984306fd53c8cb
-
SHA256
d3d6fe7d340bfb8fdaa8be94c959099d860ea3c745ce3a15ac5c21078accc41e
-
SHA512
7b83a0570ee1ec3b11cd1d0bc4ffe14ccf8657fb3a37871be47307a69214cfdbf4920ba05b2cce1d7819609160e177a3db3662f8b3a7b8a3ac04350bcd3d0a32
-
SSDEEP
98304:d8qPoBhz1aRxcSUDkydhvxWa9P593R8yAVp2H:d8qPe1CxcxkyUadzR8yc4H
Malware Config
Targets
-
-
Target
11e240d70f2e38cecfba1799d8046678_JaffaCakes118
-
Size
5.0MB
-
MD5
11e240d70f2e38cecfba1799d8046678
-
SHA1
33b54e5eebec3eab8fa7159015984306fd53c8cb
-
SHA256
d3d6fe7d340bfb8fdaa8be94c959099d860ea3c745ce3a15ac5c21078accc41e
-
SHA512
7b83a0570ee1ec3b11cd1d0bc4ffe14ccf8657fb3a37871be47307a69214cfdbf4920ba05b2cce1d7819609160e177a3db3662f8b3a7b8a3ac04350bcd3d0a32
-
SSDEEP
98304:d8qPoBhz1aRxcSUDkydhvxWa9P593R8yAVp2H:d8qPe1CxcxkyUadzR8yc4H
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3113) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-