General
-
Target
29057932b62403215de35c9f21e2d38c_JaffaCakes118
-
Size
5.0MB
-
Sample
240509-jt12sabb46
-
MD5
29057932b62403215de35c9f21e2d38c
-
SHA1
91eb61a16d478c2c34948f38534447e3560da641
-
SHA256
dfc39b466ba47e71bfce125f8dc481deb8150c7c4737a118b770daf1b96989cc
-
SHA512
5b9a794c3bd9d49fb1ad7cf224bab8d6a304bbca38ead96225489f736d923c901ff676d61e6181a17dceb40490167d2027f6f6ac10a4e670b10126738132c877
-
SSDEEP
98304:+DqPoBo1aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:+DqP71Cxcxk3ZAEUadzR8yc4H
Malware Config
Targets
-
-
Target
29057932b62403215de35c9f21e2d38c_JaffaCakes118
-
Size
5.0MB
-
MD5
29057932b62403215de35c9f21e2d38c
-
SHA1
91eb61a16d478c2c34948f38534447e3560da641
-
SHA256
dfc39b466ba47e71bfce125f8dc481deb8150c7c4737a118b770daf1b96989cc
-
SHA512
5b9a794c3bd9d49fb1ad7cf224bab8d6a304bbca38ead96225489f736d923c901ff676d61e6181a17dceb40490167d2027f6f6ac10a4e670b10126738132c877
-
SSDEEP
98304:+DqPoBo1aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:+DqP71Cxcxk3ZAEUadzR8yc4H
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3199) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-