General
-
Target
49c498acf0c583595d5c5e2c3fef0200_JaffaCakes118
-
Size
5.0MB
-
Sample
240516-g3f2vsga22
-
MD5
49c498acf0c583595d5c5e2c3fef0200
-
SHA1
5010058428969b59237d4dad86d153b30e371cb3
-
SHA256
b57cef2207b4c476d7f6318c9f4077de33edfc503f665d41a40312ece6e49cef
-
SHA512
1461c5ca8ec9a633424cd9fec9a478fb28c2fc593b60eecf35107dd9c689fa63e2fe1cdacb6f64405a633a3e1e12f72ce1ec8f42d4939a6c08c28ec7a7ff6abf
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVpNZ:+DqPe1Cxcxk3ZAEUadzR8ycPZ
Malware Config
Targets
-
-
Target
49c498acf0c583595d5c5e2c3fef0200_JaffaCakes118
-
Size
5.0MB
-
MD5
49c498acf0c583595d5c5e2c3fef0200
-
SHA1
5010058428969b59237d4dad86d153b30e371cb3
-
SHA256
b57cef2207b4c476d7f6318c9f4077de33edfc503f665d41a40312ece6e49cef
-
SHA512
1461c5ca8ec9a633424cd9fec9a478fb28c2fc593b60eecf35107dd9c689fa63e2fe1cdacb6f64405a633a3e1e12f72ce1ec8f42d4939a6c08c28ec7a7ff6abf
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVpNZ:+DqPe1Cxcxk3ZAEUadzR8ycPZ
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3294) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-