General
-
Target
6d669729126ad6976dc3b61ffe0177df_JaffaCakes118
-
Size
5.0MB
-
Sample
240524-flea9sec33
-
MD5
6d669729126ad6976dc3b61ffe0177df
-
SHA1
92ddc59fdc1f8205f712eb7f650d788ab277b874
-
SHA256
13db461f36f81669fb27d074f45e02bf945a5ea5e0c8d028c3e960abde88b727
-
SHA512
8d687314a2309056a07b032d9e60f2220f0a7fd510c18929d87fb6e77c2e466a34a987cb84cb1dcf9a4aeb80dd18c3d97481a033d7ae6b38112401cf945c833b
-
SSDEEP
98304:PDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:PDqPe1Cxcxk3ZAEUadzR8yc4H
Malware Config
Targets
-
-
Target
6d669729126ad6976dc3b61ffe0177df_JaffaCakes118
-
Size
5.0MB
-
MD5
6d669729126ad6976dc3b61ffe0177df
-
SHA1
92ddc59fdc1f8205f712eb7f650d788ab277b874
-
SHA256
13db461f36f81669fb27d074f45e02bf945a5ea5e0c8d028c3e960abde88b727
-
SHA512
8d687314a2309056a07b032d9e60f2220f0a7fd510c18929d87fb6e77c2e466a34a987cb84cb1dcf9a4aeb80dd18c3d97481a033d7ae6b38112401cf945c833b
-
SSDEEP
98304:PDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:PDqPe1Cxcxk3ZAEUadzR8yc4H
Score10/10-
Modifies firewall policy service
-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3264) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-