Overview

overview

10

Static

static

3

92a5bf01f9...18.dll

windows7-x64

10

92a5bf01f9...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    92a5bf01f9a7c4558ac9b24cfa85f29c_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240603-wa1ywsfc25

  • MD5

    92a5bf01f9a7c4558ac9b24cfa85f29c

  • SHA1

    d516f680006e70f80b5674f93d63ae1b80e6e6f5

  • SHA256

    a2a8729f73ab7fef657cd15316818606548f802903589df70dafd405f15d7b5e

  • SHA512

    c05b2e68debf06f531f3889904a982a6dc29c39a2223cb83a45597597220a1f7a07d4d464e9f0e0995d87c3c7e4c3760e515f84cb4af425e6b928c504af18921

  • SSDEEP

    49152:znAQqMSPbcBVQej/1INRx+TSqTdX1HkQo4R8:TDqPoBhz1aRxcSUDk34R8

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      92a5bf01f9a7c4558ac9b24cfa85f29c_JaffaCakes118

    • Size

      5.0MB

    • MD5

      92a5bf01f9a7c4558ac9b24cfa85f29c

    • SHA1

      d516f680006e70f80b5674f93d63ae1b80e6e6f5

    • SHA256

      a2a8729f73ab7fef657cd15316818606548f802903589df70dafd405f15d7b5e

    • SHA512

      c05b2e68debf06f531f3889904a982a6dc29c39a2223cb83a45597597220a1f7a07d4d464e9f0e0995d87c3c7e4c3760e515f84cb4af425e6b928c504af18921

    • SSDEEP

      49152:znAQqMSPbcBVQej/1INRx+TSqTdX1HkQo4R8:TDqPoBhz1aRxcSUDk34R8

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3158) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks