General
-
Target
2c2f910e67c719b5a9b58c19a85409e1_JaffaCakes118
-
Size
5.0MB
-
Sample
240509-279vysfg35
-
MD5
2c2f910e67c719b5a9b58c19a85409e1
-
SHA1
0de249d9881bd73288680c784c7471bbbad4850c
-
SHA256
b29dfbe67e3703210820554e11cb2704e731117ba69ec2a45488816b1b46a088
-
SHA512
df8e701143ec8b1d832a3309f01e0a320a21a78ebd33ed34f25bad8a905c29f734469e0b1b14780b2e7beb9b8238001ec447b6511164ccc448ecc0ee915e0af8
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593iH:+DqPe1Cxcxk3ZAEUadziH
Malware Config
Targets
-
-
Target
2c2f910e67c719b5a9b58c19a85409e1_JaffaCakes118
-
Size
5.0MB
-
MD5
2c2f910e67c719b5a9b58c19a85409e1
-
SHA1
0de249d9881bd73288680c784c7471bbbad4850c
-
SHA256
b29dfbe67e3703210820554e11cb2704e731117ba69ec2a45488816b1b46a088
-
SHA512
df8e701143ec8b1d832a3309f01e0a320a21a78ebd33ed34f25bad8a905c29f734469e0b1b14780b2e7beb9b8238001ec447b6511164ccc448ecc0ee915e0af8
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593iH:+DqPe1Cxcxk3ZAEUadziH
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3270) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-