General
-
Target
903197f254d19314edb7ea6f678372f7_JaffaCakes118
-
Size
5.0MB
-
Sample
240603-cd9wesfc6w
-
MD5
903197f254d19314edb7ea6f678372f7
-
SHA1
66d487ba99eee543e7db90153fe2116b6dbed5e5
-
SHA256
d7089495fb713c328df0ce7a5fec9ba2b5e7b8d45f792818c445225f73d323d4
-
SHA512
454a609272be463a8148f2d63070140d1ba60e8cd1418bc46bfb351f11d493fd7c2e08f00f89818449b60e535671c2db2050bf45ba7583fb9c00c9384e07857e
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593RqYqif:+DqPe1Cxcxk3ZAEUadzRE
Malware Config
Targets
-
-
Target
903197f254d19314edb7ea6f678372f7_JaffaCakes118
-
Size
5.0MB
-
MD5
903197f254d19314edb7ea6f678372f7
-
SHA1
66d487ba99eee543e7db90153fe2116b6dbed5e5
-
SHA256
d7089495fb713c328df0ce7a5fec9ba2b5e7b8d45f792818c445225f73d323d4
-
SHA512
454a609272be463a8148f2d63070140d1ba60e8cd1418bc46bfb351f11d493fd7c2e08f00f89818449b60e535671c2db2050bf45ba7583fb9c00c9384e07857e
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593RqYqif:+DqPe1Cxcxk3ZAEUadzRE
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3283) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-