Overview

overview

10

Static

static

3

75695be8e3...18.dll

windows7-x64

10

75695be8e3...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    75695be8e3ddf0ef933283b55a36d22f_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240526-n68plsbc74

  • MD5

    75695be8e3ddf0ef933283b55a36d22f

  • SHA1

    26fbd0b2145fe8fee24524f245808c645c468556

  • SHA256

    0003fa57b49fbc514bc48a2ce0c17e93307ab37123a65b3f5e1016b0d4f2f4fa

  • SHA512

    dd8b63b87d1b5048bbb258958b50b2478ae3a731418db087f6f5dbcb7e10ad41471a274fff5c8639076ff0b9bb0e601f5e584cbd71df1db26cc14c2d4b7513ce

  • SSDEEP

    49152:znAQqMSPbcBVQej/1INRx+TSqTdX1HkQDH9PAMEcaEau3RthnAEYc8c6Ri5WN6n7:TDqPoBhz1aRxcSUDkK9P593R

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      75695be8e3ddf0ef933283b55a36d22f_JaffaCakes118

    • Size

      5.0MB

    • MD5

      75695be8e3ddf0ef933283b55a36d22f

    • SHA1

      26fbd0b2145fe8fee24524f245808c645c468556

    • SHA256

      0003fa57b49fbc514bc48a2ce0c17e93307ab37123a65b3f5e1016b0d4f2f4fa

    • SHA512

      dd8b63b87d1b5048bbb258958b50b2478ae3a731418db087f6f5dbcb7e10ad41471a274fff5c8639076ff0b9bb0e601f5e584cbd71df1db26cc14c2d4b7513ce

    • SSDEEP

      49152:znAQqMSPbcBVQej/1INRx+TSqTdX1HkQDH9PAMEcaEau3RthnAEYc8c6Ri5WN6n7:TDqPoBhz1aRxcSUDkK9P593R

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3178) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks