General

  • Target

    4913bef3153a460ba000e20dfcfc6bd2_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240516-cms92afh6x

  • MD5

    4913bef3153a460ba000e20dfcfc6bd2

  • SHA1

    251cd89d8176ae36afa8603bc8b4806d40434d19

  • SHA256

    a09267d29f96c96cdae515723511affadecdf4210b4842ad142a25fc445b9946

  • SHA512

    9b7ec4ad9d5fa35476148f9b8740746d7c91b9a4f76bc9723a9f6b17e32bac798e7dcbe427f8885cc45269cebb6a885f72c6207b33c131068b1fba4ae2630fa0

  • SSDEEP

    24576:SbLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626M+vbOSSqTPVXmiHt:SnAQqMSPbcBVQej/1INRx+TSqTdX1H

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3338) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
