General
-
Target
1307057e6fadcf0d67764b9b44a679f9_JaffaCakes118
-
Size
5.0MB
-
Sample
240504-rdknvsah48
-
MD5
1307057e6fadcf0d67764b9b44a679f9
-
SHA1
4613beaee1e9b76a80fe801e1f60be094e7dcea7
-
SHA256
0e1ab75ab474f63458548f47eaa4f81564a8259adb2514db69154ba1ae3f5248
-
SHA512
9abf5383d89d6dfd4cd3b4ebe27e0724a3d1c7e131c49f48c5f57e5d3bbacc7f36842e146da421d49a544332fdc8b6ef6a692155ba662976ade3eba805261b6c
-
SSDEEP
98304:TDqPoBhz1aRxcSUDk36SAEdhvxWa9P593e/:TDqPe1Cxcxk3ZAEUadze/
Malware Config
Targets
-
-
Target
1307057e6fadcf0d67764b9b44a679f9_JaffaCakes118
-
Size
5.0MB
-
MD5
1307057e6fadcf0d67764b9b44a679f9
-
SHA1
4613beaee1e9b76a80fe801e1f60be094e7dcea7
-
SHA256
0e1ab75ab474f63458548f47eaa4f81564a8259adb2514db69154ba1ae3f5248
-
SHA512
9abf5383d89d6dfd4cd3b4ebe27e0724a3d1c7e131c49f48c5f57e5d3bbacc7f36842e146da421d49a544332fdc8b6ef6a692155ba662976ade3eba805261b6c
-
SSDEEP
98304:TDqPoBhz1aRxcSUDk36SAEdhvxWa9P593e/:TDqPe1Cxcxk3ZAEUadze/
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3259) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-