General
-
Target
7be8e729aa01dc09bebdd7f7ebbece3e_JaffaCakes118
-
Size
5.0MB
-
Sample
240528-ggea5she75
-
MD5
7be8e729aa01dc09bebdd7f7ebbece3e
-
SHA1
13292e44e9050a39ba74af1af5be36f3fcb6eb68
-
SHA256
9b2eb28f4eff17f9205bf46cf24d51cea5e6859d4c20ab5a41d6ddef01c9a273
-
SHA512
ad591439371a642c9086eeed431c8e1424a6015dbf7a49c50b8ca603216fa44a868a56c3b290c26487e71336bb43db71958c7c258c93ee26e47ccd6ba8011563
-
SSDEEP
24576:SbLgddQhfdmMSirYbcMNgef0jai92GGv3gsQ/:SnAQqMSPbcBVjai92GGv3K/
Malware Config
Targets
-
-
Target
7be8e729aa01dc09bebdd7f7ebbece3e_JaffaCakes118
-
Size
5.0MB
-
MD5
7be8e729aa01dc09bebdd7f7ebbece3e
-
SHA1
13292e44e9050a39ba74af1af5be36f3fcb6eb68
-
SHA256
9b2eb28f4eff17f9205bf46cf24d51cea5e6859d4c20ab5a41d6ddef01c9a273
-
SHA512
ad591439371a642c9086eeed431c8e1424a6015dbf7a49c50b8ca603216fa44a868a56c3b290c26487e71336bb43db71958c7c258c93ee26e47ccd6ba8011563
-
SSDEEP
24576:SbLgddQhfdmMSirYbcMNgef0jai92GGv3gsQ/:SnAQqMSPbcBVjai92GGv3K/
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3264) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-