General
-
Target
3c8dec19fbfc6fae8b1761ff05ef9bb7_JaffaCakes118
-
Size
5.0MB
-
Sample
240513-ztvsrsdf2x
-
MD5
3c8dec19fbfc6fae8b1761ff05ef9bb7
-
SHA1
5666db57416922573fc322175449a1845a7b4b23
-
SHA256
eedc35220eca2721d582c7dc3ec15e71d8e9f8edeedbd402b93bc27834d6d796
-
SHA512
ea6a61f59bedafaca9d1f12978a145ee0dba53c700870f706b1a71e6b72eac902a36d4c9fe2d4532f2d397171e3a67d9b2f8feae5a0941b6fab8f19fcaa2a5be
-
SSDEEP
98304:T8qPoBhz1aRxcSUDk36SAJ593R8yAVp2H:T8qPe1Cxcxk3ZAJzR8yc4H
Malware Config
Targets
-
-
Target
3c8dec19fbfc6fae8b1761ff05ef9bb7_JaffaCakes118
-
Size
5.0MB
-
MD5
3c8dec19fbfc6fae8b1761ff05ef9bb7
-
SHA1
5666db57416922573fc322175449a1845a7b4b23
-
SHA256
eedc35220eca2721d582c7dc3ec15e71d8e9f8edeedbd402b93bc27834d6d796
-
SHA512
ea6a61f59bedafaca9d1f12978a145ee0dba53c700870f706b1a71e6b72eac902a36d4c9fe2d4532f2d397171e3a67d9b2f8feae5a0941b6fab8f19fcaa2a5be
-
SSDEEP
98304:T8qPoBhz1aRxcSUDk36SAJ593R8yAVp2H:T8qPe1Cxcxk3ZAJzR8yc4H
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3233) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-