Overview

overview

10

Static

static

3

9b7ff99ecb...18.dll

windows7-x64

10

9b7ff99ecb...18.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9b7ff99ecb30312c69cacb5ce993992d_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240610-wa1ccsvble

  • MD5

    9b7ff99ecb30312c69cacb5ce993992d

  • SHA1

    dbc5e05628e69423bd7f337d1d65b8de77e18542

  • SHA256

    d615156d6db68d4cc571df6d302008fbc7647236024aec1a37e3315a1d31b6e0

  • SHA512

    a038bd637fea779769bc0d69e9981bcc2a86cb1cceea28b802cbaf06462640747fda86589b313239d03b28304dba4d89191c4835b6ae30105ed443ab10b84112

  • SSDEEP

    98304:yDqPoBhz1aRxcSUDkXhvxWa9P593R8yAVp2Hq:yDqPe1Cxcxk+adzR8yc4Hq

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      9b7ff99ecb30312c69cacb5ce993992d_JaffaCakes118

    • Size

      5.0MB

    • MD5

      9b7ff99ecb30312c69cacb5ce993992d

    • SHA1

      dbc5e05628e69423bd7f337d1d65b8de77e18542

    • SHA256

      d615156d6db68d4cc571df6d302008fbc7647236024aec1a37e3315a1d31b6e0

    • SHA512

      a038bd637fea779769bc0d69e9981bcc2a86cb1cceea28b802cbaf06462640747fda86589b313239d03b28304dba4d89191c4835b6ae30105ed443ab10b84112

    • SSDEEP

      98304:yDqPoBhz1aRxcSUDkXhvxWa9P593R8yAVp2Hq:yDqPe1Cxcxk+adzR8yc4Hq

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (2665) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks