General
-
Target
5da581b5248ef51f23e378474f430028_JaffaCakes118
-
Size
3.6MB
-
Sample
240520-g9vtlafg37
-
MD5
5da581b5248ef51f23e378474f430028
-
SHA1
15b2470540efa1d8e18e6a324b46c6c969703b79
-
SHA256
993e95a63073362991f1532c7cada7a0f35d647dd795dc44a0dd54bcc6c5cb06
-
SHA512
5f58a5451d75829b2ea890ce0ba2fd3869ced4c42fdfa592e0b9a7e627c622a45e200dcee4d2e24e27de3f9c3e0a19ddbf7d8d9d6cd0f7254d3a670c84a44f46
-
SSDEEP
98304:Z8qPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAw2F:Z8qPe1Cxcxk3ZAEUadzR8yA
Malware Config
Targets
-
-
Target
5da581b5248ef51f23e378474f430028_JaffaCakes118
-
Size
3.6MB
-
MD5
5da581b5248ef51f23e378474f430028
-
SHA1
15b2470540efa1d8e18e6a324b46c6c969703b79
-
SHA256
993e95a63073362991f1532c7cada7a0f35d647dd795dc44a0dd54bcc6c5cb06
-
SHA512
5f58a5451d75829b2ea890ce0ba2fd3869ced4c42fdfa592e0b9a7e627c622a45e200dcee4d2e24e27de3f9c3e0a19ddbf7d8d9d6cd0f7254d3a670c84a44f46
-
SSDEEP
98304:Z8qPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAw2F:Z8qPe1Cxcxk3ZAEUadzR8yA
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3171) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-