General
-
Target
43b00e1703dfeb0a935396e3de0df394_JaffaCakes118
-
Size
5.0MB
-
Sample
240515-acmcmafb8w
-
MD5
43b00e1703dfeb0a935396e3de0df394
-
SHA1
effb7596cae23a445b1d7e6eadf446b658e785d5
-
SHA256
13df94d531dfa44b57d07c92fb251788d4113e07a7acdf0b8f3f7e81d2f1cfd5
-
SHA512
3ddc3524f37132bc18f38bf677bf3df53329196e36bc6b733b9b0d2df7a4fb6a0d97e711ea0a2208caacb2b7d35ff3e15634d9adbde09bbdec20731f0344d455
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAbxWa9P593R8yAVp2:+DqPe1Cxcxk3ZAEadzR8yc4
Static task
static1
Behavioral task
behavioral1
Sample
43b00e1703dfeb0a935396e3de0df394_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
43b00e1703dfeb0a935396e3de0df394_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
43b00e1703dfeb0a935396e3de0df394_JaffaCakes118
Score
10/10
-
Contacts a large (3334) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-