Overview

overview

10

Static

static

3

8e6bec90c3...18.dll

windows7-x64

10

8e6bec90c3...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8e6bec90c3c40eeb623346a64a673c7a_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240602-r1972aeh3w

  • MD5

    8e6bec90c3c40eeb623346a64a673c7a

  • SHA1

    ca10ff363aa0dd8891ad313f3fca34b992b886bb

  • SHA256

    db2102e6a647005f717126b68954b23bc7c1baa5baae3cc6a6de620caf69c9ad

  • SHA512

    e1f91142b577e42a65da53f2105a2e43e962ff86bc0b87b1f91a30fbc5d7594b5a6e200b325119356c10b16c7ee8178606595320833ecb52e75c18f6993d249c

  • SSDEEP

    24576:SbLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626M+vbOSSqTPVX:SnAQqMSPbcBVQej/1INRx+TSqTdX

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      8e6bec90c3c40eeb623346a64a673c7a_JaffaCakes118

    • Size

      5.0MB

    • MD5

      8e6bec90c3c40eeb623346a64a673c7a

    • SHA1

      ca10ff363aa0dd8891ad313f3fca34b992b886bb

    • SHA256

      db2102e6a647005f717126b68954b23bc7c1baa5baae3cc6a6de620caf69c9ad

    • SHA512

      e1f91142b577e42a65da53f2105a2e43e962ff86bc0b87b1f91a30fbc5d7594b5a6e200b325119356c10b16c7ee8178606595320833ecb52e75c18f6993d249c

    • SSDEEP

      24576:SbLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626M+vbOSSqTPVX:SnAQqMSPbcBVQej/1INRx+TSqTdX

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3196) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks