General
-
Target
7c0e50f5e306d1362f2a1ba5e65d5fd1_JaffaCakes118
-
Size
5.0MB
-
Sample
240528-hjhl1shg3v
-
MD5
7c0e50f5e306d1362f2a1ba5e65d5fd1
-
SHA1
12b69bcefdec5db7e884a972c23a1fb290a4500a
-
SHA256
f103f4c13496c10658bebd2c8a5c1f4e1c22ae3f7ddf3c6521453749e1cc730e
-
SHA512
79139cd00bcf1ffd9a2544f359734456191db1cabc154902ed7d665e2195a28dbedeb659825c871e9410deb0bb5a2aeed055bd09c06e648ac496b822a3650a38
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P5M3R8yAVp2H:+DqPe1Cxcxk3ZAEUadER8yc4H
Malware Config
Targets
-
-
Target
7c0e50f5e306d1362f2a1ba5e65d5fd1_JaffaCakes118
-
Size
5.0MB
-
MD5
7c0e50f5e306d1362f2a1ba5e65d5fd1
-
SHA1
12b69bcefdec5db7e884a972c23a1fb290a4500a
-
SHA256
f103f4c13496c10658bebd2c8a5c1f4e1c22ae3f7ddf3c6521453749e1cc730e
-
SHA512
79139cd00bcf1ffd9a2544f359734456191db1cabc154902ed7d665e2195a28dbedeb659825c871e9410deb0bb5a2aeed055bd09c06e648ac496b822a3650a38
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P5M3R8yAVp2H:+DqPe1Cxcxk3ZAEUadER8yc4H
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3200) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-