General
-
Target
7f6d93e9834b0aaf7cee7730a74911da_JaffaCakes118
-
Size
5.0MB
-
Sample
240529-ej63tshf8x
-
MD5
7f6d93e9834b0aaf7cee7730a74911da
-
SHA1
f0c9ea2fb89acc331b1a54ef1034bed8b3200fd0
-
SHA256
7160df3b9435eab5e5cc458250447dd2e02277b44df34f2fefeae59eba93d657
-
SHA512
2f62cfc9b67a756214578899a3290bcb59c491a1f3e3f52e73444a2c94781d4fdc515cd625309fb58d303b6734041d1bc642aa40969ddb324920c1d4524f9d2a
-
SSDEEP
49152:JnjQqMSPbcBVQej/dINRx+TSqTdX1HkQo6SAARdhnvxJM0H9PAMEcaEa:d8qPoBhzdaRxcSUDk36SAEdhvxWa9P5
Malware Config
Targets
-
-
Target
7f6d93e9834b0aaf7cee7730a74911da_JaffaCakes118
-
Size
5.0MB
-
MD5
7f6d93e9834b0aaf7cee7730a74911da
-
SHA1
f0c9ea2fb89acc331b1a54ef1034bed8b3200fd0
-
SHA256
7160df3b9435eab5e5cc458250447dd2e02277b44df34f2fefeae59eba93d657
-
SHA512
2f62cfc9b67a756214578899a3290bcb59c491a1f3e3f52e73444a2c94781d4fdc515cd625309fb58d303b6734041d1bc642aa40969ddb324920c1d4524f9d2a
-
SSDEEP
49152:JnjQqMSPbcBVQej/dINRx+TSqTdX1HkQo6SAARdhnvxJM0H9PAMEcaEa:d8qPoBhzdaRxcSUDk36SAEdhvxWa9P5
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3280) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-