General
-
Target
89df4643198d4fa26bc265704470ad11_JaffaCakes118
-
Size
5.0MB
-
Sample
240601-kb3nbsfd2t
-
MD5
89df4643198d4fa26bc265704470ad11
-
SHA1
8c14cf6b4ff40cb0404c09a4e6b856af5d7656e7
-
SHA256
3fd647e0636cdc6559584720480f65a80d7c39f19f5da79fde445f98a0f483f3
-
SHA512
20e9e9dffd7dcfd4f1918395c066d59bbe7a1f1f184ece336f5e69e9394112efe4ea7b2e4bf7d058cc297fc69121000419493790f7a4fff02fe209e77eb9e699
-
SSDEEP
98304:+DqPoBhz1aRxcSUMk36SAEdhvxWa9P593R8yAVp2H:+DqPe1Cxcuk3ZAEUadzR8yc4H
Malware Config
Targets
-
-
Target
89df4643198d4fa26bc265704470ad11_JaffaCakes118
-
Size
5.0MB
-
MD5
89df4643198d4fa26bc265704470ad11
-
SHA1
8c14cf6b4ff40cb0404c09a4e6b856af5d7656e7
-
SHA256
3fd647e0636cdc6559584720480f65a80d7c39f19f5da79fde445f98a0f483f3
-
SHA512
20e9e9dffd7dcfd4f1918395c066d59bbe7a1f1f184ece336f5e69e9394112efe4ea7b2e4bf7d058cc297fc69121000419493790f7a4fff02fe209e77eb9e699
-
SSDEEP
98304:+DqPoBhz1aRxcSUMk36SAEdhvxWa9P593R8yAVp2H:+DqPe1Cxcuk3ZAEUadzR8yc4H
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3267) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-