General
-
Target
8f3411b1efc444e647c8469df9b18f57_JaffaCakes118
-
Size
3.6MB
-
Sample
240602-ye866scg31
-
MD5
8f3411b1efc444e647c8469df9b18f57
-
SHA1
d40af4c42356416317b8ce15e1973de635e6ecf3
-
SHA256
41b15430e63b370bb6c2b04b28ac2a9caa27592505f0955078a17f56228bbbbc
-
SHA512
42742d6c711d7672e945634cec113bafa64c0644036b1975f981451714cc3b70d1f2c20123b83f8b7ac3d11f30e5d7d6cc2d9f91b1969ffb54303cb7a091637b
-
SSDEEP
98304:yDqPoBhz1aRxcSUDk36SACdhvxWa9P593R8yAVp2HI:yDqPe1Cxcxk3ZACUadzR8yc4HI
Malware Config
Targets
-
-
Target
8f3411b1efc444e647c8469df9b18f57_JaffaCakes118
-
Size
3.6MB
-
MD5
8f3411b1efc444e647c8469df9b18f57
-
SHA1
d40af4c42356416317b8ce15e1973de635e6ecf3
-
SHA256
41b15430e63b370bb6c2b04b28ac2a9caa27592505f0955078a17f56228bbbbc
-
SHA512
42742d6c711d7672e945634cec113bafa64c0644036b1975f981451714cc3b70d1f2c20123b83f8b7ac3d11f30e5d7d6cc2d9f91b1969ffb54303cb7a091637b
-
SSDEEP
98304:yDqPoBhz1aRxcSUDk36SACdhvxWa9P593R8yAVp2HI:yDqPe1Cxcxk3ZACUadzR8yc4HI
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3134) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-