Overview

overview

10

Static

static

3

1aa0acd4d6...18.dll

windows7-x64

10

1aa0acd4d6...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1aa0acd4d6a9ec78e752ec026eaa9a45_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240506-eegblsba79

  • MD5

    1aa0acd4d6a9ec78e752ec026eaa9a45

  • SHA1

    393eefffd603b15df1a80b3cffd935ad9ccdaf58

  • SHA256

    7d2392eab4acd2e9e85e64f2493b96384d2ff976c504adfc5a763492ac76dfd5

  • SHA512

    f1ddc68600b5d8aa1bc184cfa8a92c0d73196d97114df57e36e37655542c10a26fa9cc57c7ec76423bd99e8946aacd5005908c02d210f103633878095db9d4f1

  • SSDEEP

    12288:yvbLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7S:SbLgddQhfdmMSirYbcMNge

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      1aa0acd4d6a9ec78e752ec026eaa9a45_JaffaCakes118

    • Size

      5.0MB

    • MD5

      1aa0acd4d6a9ec78e752ec026eaa9a45

    • SHA1

      393eefffd603b15df1a80b3cffd935ad9ccdaf58

    • SHA256

      7d2392eab4acd2e9e85e64f2493b96384d2ff976c504adfc5a763492ac76dfd5

    • SHA512

      f1ddc68600b5d8aa1bc184cfa8a92c0d73196d97114df57e36e37655542c10a26fa9cc57c7ec76423bd99e8946aacd5005908c02d210f103633878095db9d4f1

    • SSDEEP

      12288:yvbLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7S:SbLgddQhfdmMSirYbcMNge

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3253) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks