General

  • Target

    5cd0fdd3bcd43306e18156d88ee1cb58_JaffaCakes118

  • Size

    3.4MB

  • Sample

    240520-dc2dbsgd35

  • MD5

    5cd0fdd3bcd43306e18156d88ee1cb58

  • SHA1

    be0e2b2d4cedae2433417eb46147d60f3a71152b

  • SHA256

    4c52ef702d12e6b58aa6077ac96b3354488adc711b8fd11489546a46b86f0c48

  • SHA512

    bb065bd1f54ef77a86b0302b6fc9fcf2b7f50e4ba39903e793d33e864f2461317451e6018100e3c3edac483b8c1af9716fc33c1b332571f57cdb85bb80cf697f

  • SSDEEP

    98304:Ld4fa8pFbUV23PeSUt+n6Ks6pRnpMYFZZl/VQm6x9WVG:RWa8UgPej+nPs6+Y7HVQmwAVG

Targets

    • Target

      6d5b8b99056a0b2e5700472f3edfcaf6.vir

    • Size

      5.0MB

    • MD5

      6d5b8b99056a0b2e5700472f3edfcaf6

    • SHA1

      d17e4bdfc3aeacd46959c5fca60b51c4563648c4

    • SHA256

      9debc5e72e428bf4bab1de706af71d56297db1fb0647c4f7afb0ab445d3f7807

    • SHA512

      59975e14be89dbc7152f864bef0a8ce232076dd40aebda159ee1193ce1832454f6219bd685c54a78de5a9820e217b04ccc949fb8d72d6e0ec5b2ecdf23031b26

    • SSDEEP

      98304:+8cPoBhz+aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:+8cPe+Cxcxk3ZAEUadzR8yc4H

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3105) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
