General
-
Target
32264f7f93e5bc059a4e45e2ae6e4ff4_JaffaCakes118
-
Size
3.6MB
-
Sample
240511-cd6h1ahf28
-
MD5
32264f7f93e5bc059a4e45e2ae6e4ff4
-
SHA1
31fe65c421125b69504f5f4e6d5ff2895d7d08d2
-
SHA256
727e7cfd9b2d8cd1b877c949e3fe788da55457e154766bd8a1ad0d1b6625e63b
-
SHA512
984b0e70d101af29398ec7bca4c9b65fd2e6884ef4e3902e1417c117fd99d038a432e947e6eab4922dd34fa02a7d795bb1657a3f557737f3d44a51ee2d8e4a2a
-
SSDEEP
98304:XDqPoB5aRxcSUDk36SAEdhvxWa9P593R8yAVp2HI:XDqP0Cxcxk3ZAEUadzR8yc4HI
Malware Config
Targets
-
-
Target
32264f7f93e5bc059a4e45e2ae6e4ff4_JaffaCakes118
-
Size
3.6MB
-
MD5
32264f7f93e5bc059a4e45e2ae6e4ff4
-
SHA1
31fe65c421125b69504f5f4e6d5ff2895d7d08d2
-
SHA256
727e7cfd9b2d8cd1b877c949e3fe788da55457e154766bd8a1ad0d1b6625e63b
-
SHA512
984b0e70d101af29398ec7bca4c9b65fd2e6884ef4e3902e1417c117fd99d038a432e947e6eab4922dd34fa02a7d795bb1657a3f557737f3d44a51ee2d8e4a2a
-
SSDEEP
98304:XDqPoB5aRxcSUDk36SAEdhvxWa9P593R8yAVp2HI:XDqP0Cxcxk3ZAEUadzR8yc4HI
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3350) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-