General
-
Target
7df0173a56602e9663f2f5158b6defef_JaffaCakes118
-
Size
5.0MB
-
Sample
240528-w2z6nsfa6s
-
MD5
7df0173a56602e9663f2f5158b6defef
-
SHA1
aedc7fb3828c8244ac65a49b415bdf7fed19e9a5
-
SHA256
8e97cfb66743c300caebdd293450ed956b9a2609c1f8d9ca11578a95a135a8b7
-
SHA512
6f02586d839066c01934264fee54883a29d1c862c77d2fe7380f79615b6f1f44be917dfa4e7cfff882300e3db35c9fc448de8deeec2fe9796eec5d7a623f596d
-
SSDEEP
49152:znAQqMSPbcBVqxJM0H9nau3R8yAH1plAvyQ3:TDqPoB8xWa9N3R8yAVp2x3
Malware Config
Targets
-
-
Target
7df0173a56602e9663f2f5158b6defef_JaffaCakes118
-
Size
5.0MB
-
MD5
7df0173a56602e9663f2f5158b6defef
-
SHA1
aedc7fb3828c8244ac65a49b415bdf7fed19e9a5
-
SHA256
8e97cfb66743c300caebdd293450ed956b9a2609c1f8d9ca11578a95a135a8b7
-
SHA512
6f02586d839066c01934264fee54883a29d1c862c77d2fe7380f79615b6f1f44be917dfa4e7cfff882300e3db35c9fc448de8deeec2fe9796eec5d7a623f596d
-
SSDEEP
49152:znAQqMSPbcBVqxJM0H9nau3R8yAH1plAvyQ3:TDqPoB8xWa9N3R8yAVp2x3
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3298) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Modifies file permissions
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-