General
-
Target
54c48809de13c43efc75791debe5955c_JaffaCakes118
-
Size
5.0MB
-
Sample
240518-pzh12sca81
-
MD5
54c48809de13c43efc75791debe5955c
-
SHA1
29fb15e99dd61101470cb837c06bbd15796e2969
-
SHA256
3e5c35fca4c6ab1655e58e7ba76aa2a250254009a256cdaf4c5964b112f46287
-
SHA512
51d3ca0f14ca9a1722713010e22d1e5e5a18790cbb5832366e6498e5570b734c290d21fd3d62ec23292e8e18f17cf56efcef3ccf231ad2d2c63d02d7af2c76a4
-
SSDEEP
98304:+DqPoBhz1aRxcSUDkvEdhvxWa9P593R8yAVp2H:+DqPe1CxcxkvEUadzR8yc4H
Malware Config
Targets
-
-
Target
54c48809de13c43efc75791debe5955c_JaffaCakes118
-
Size
5.0MB
-
MD5
54c48809de13c43efc75791debe5955c
-
SHA1
29fb15e99dd61101470cb837c06bbd15796e2969
-
SHA256
3e5c35fca4c6ab1655e58e7ba76aa2a250254009a256cdaf4c5964b112f46287
-
SHA512
51d3ca0f14ca9a1722713010e22d1e5e5a18790cbb5832366e6498e5570b734c290d21fd3d62ec23292e8e18f17cf56efcef3ccf231ad2d2c63d02d7af2c76a4
-
SSDEEP
98304:+DqPoBhz1aRxcSUDkvEdhvxWa9P593R8yAVp2H:+DqPe1CxcxkvEUadzR8yc4H
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3318) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-