Overview

overview

10

Static

static

3

219407ddfd...18.dll

windows7-x64

10

219407ddfd...18.dll

windows10-2004-x64

10

Resubmissions

07-05-2024 20:40

240507-zgdcyshf22 10

07-05-2024 20:22

240507-y5xaasea5y 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    219407ddfd792bd58cba6b267ddef3cc_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240507-y5xaasea5y

  • MD5

    219407ddfd792bd58cba6b267ddef3cc

  • SHA1

    d5d64075255259f871b68dd1f6c67a5dfac1bb09

  • SHA256

    6bb91cc643e06254aea95a04a3660c5ac4906d7a812336d3e13c0c586185005c

  • SHA512

    5a3811a7ec1ca207d868701b7964ea6d0d07d5799f9ddd5997803c054a6ae6a6471d1efe50e8df2e689e9bb70e7cbd911b146a20d2f627b9c143c83ce5654c13

  • SSDEEP

    49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6S9I5c/bXZROAx:+DqPoBhz1aRxcSUDk36SQc/J

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      219407ddfd792bd58cba6b267ddef3cc_JaffaCakes118

    • Size

      5.0MB

    • MD5

      219407ddfd792bd58cba6b267ddef3cc

    • SHA1

      d5d64075255259f871b68dd1f6c67a5dfac1bb09

    • SHA256

      6bb91cc643e06254aea95a04a3660c5ac4906d7a812336d3e13c0c586185005c

    • SHA512

      5a3811a7ec1ca207d868701b7964ea6d0d07d5799f9ddd5997803c054a6ae6a6471d1efe50e8df2e689e9bb70e7cbd911b146a20d2f627b9c143c83ce5654c13

    • SSDEEP

      49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6S9I5c/bXZROAx:+DqPoBhz1aRxcSUDk36SQc/J

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3198) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks