Overview

overview

10

Static

static

3

329337cbd4...18.dll

windows7-x64

10

329337cbd4...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    329337cbd4fbb25d3b9eb8098a05fbea_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240511-eesdwabg71

  • MD5

    329337cbd4fbb25d3b9eb8098a05fbea

  • SHA1

    8eb1968de87d07137bb18d874ef8122c76955ec3

  • SHA256

    cf0baf64cab66f58b487621492d757ba5353f870c7c6c3d82e39f51886f2eb4e

  • SHA512

    9b598870b45d89c4b04efffdecfc78d1e64314ec1f17be27530a2e96404ced651f35ac02425eb824918572a6382a93a806f3b136a44b7d84d95f9fa7d114a87e

  • SSDEEP

    49152:JnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAIaEau3R8yAH1plAH:d8qPoBhz1aRxcSUDk36SAf3R8yAVp2H

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      329337cbd4fbb25d3b9eb8098a05fbea_JaffaCakes118

    • Size

      5.0MB

    • MD5

      329337cbd4fbb25d3b9eb8098a05fbea

    • SHA1

      8eb1968de87d07137bb18d874ef8122c76955ec3

    • SHA256

      cf0baf64cab66f58b487621492d757ba5353f870c7c6c3d82e39f51886f2eb4e

    • SHA512

      9b598870b45d89c4b04efffdecfc78d1e64314ec1f17be27530a2e96404ced651f35ac02425eb824918572a6382a93a806f3b136a44b7d84d95f9fa7d114a87e

    • SSDEEP

      49152:JnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAIaEau3R8yAH1plAH:d8qPoBhz1aRxcSUDk36SAf3R8yAVp2H

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3309) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks