General
-
Target
54c56d0ef889f68d72504783d10294e7_JaffaCakes118
-
Size
5.0MB
-
Sample
240518-pzwl5scb77
-
MD5
54c56d0ef889f68d72504783d10294e7
-
SHA1
b425969a10d4c87cc5ee4fc13f7f1195955d5aa6
-
SHA256
ed4239728df8dc6d90612bcfcf41dc40e4b633f8be4d668657ae39340f920b0a
-
SHA512
f803493cf5c672acc2f05bd7bf72a578dee74a3c34415c2c770a63f7b6cfeb0a89b49b1d3a6e9fef52e56ca08c6b325e4493be38e63aff396a0bbba73b991118
-
SSDEEP
98304:d8qPoBhz1aRxcSUDk36SAEdhvxWa9wlZMgWZBcrGIH:d8qPe1Cxcxk3ZAEUaWWDcr3H
Malware Config
Targets
-
-
Target
54c56d0ef889f68d72504783d10294e7_JaffaCakes118
-
Size
5.0MB
-
MD5
54c56d0ef889f68d72504783d10294e7
-
SHA1
b425969a10d4c87cc5ee4fc13f7f1195955d5aa6
-
SHA256
ed4239728df8dc6d90612bcfcf41dc40e4b633f8be4d668657ae39340f920b0a
-
SHA512
f803493cf5c672acc2f05bd7bf72a578dee74a3c34415c2c770a63f7b6cfeb0a89b49b1d3a6e9fef52e56ca08c6b325e4493be38e63aff396a0bbba73b991118
-
SSDEEP
98304:d8qPoBhz1aRxcSUDk36SAEdhvxWa9wlZMgWZBcrGIH:d8qPe1Cxcxk3ZAEUaWWDcr3H
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3330) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-