General
-
Target
9cf442fb38abdde90f6b56a5bb7ef852_JaffaCakes118
-
Size
5.0MB
-
Sample
240611-etmryatfja
-
MD5
9cf442fb38abdde90f6b56a5bb7ef852
-
SHA1
d02a404a8f9710c1b43899377d65a5651a685740
-
SHA256
38c3a368380051851b24e20346818b6ce7b0f82ed6a0161e8a97d5dd5fac1f55
-
SHA512
e2fc2a19939713f2b1f2ac568fa48f5fbf04c4db00e7a980c2687e475851e0d99c4ee1f97f18d45301b308e2d8f899ca75df710ee7d1c4394ce236dfc72eab6a
-
SSDEEP
98304:+DqP3hz1MKSbevWSdOLZSPebdWDAVp2H:+DqP51M5bNiOLhbdac4H
Malware Config
Targets
-
-
Target
9cf442fb38abdde90f6b56a5bb7ef852_JaffaCakes118
-
Size
5.0MB
-
MD5
9cf442fb38abdde90f6b56a5bb7ef852
-
SHA1
d02a404a8f9710c1b43899377d65a5651a685740
-
SHA256
38c3a368380051851b24e20346818b6ce7b0f82ed6a0161e8a97d5dd5fac1f55
-
SHA512
e2fc2a19939713f2b1f2ac568fa48f5fbf04c4db00e7a980c2687e475851e0d99c4ee1f97f18d45301b308e2d8f899ca75df710ee7d1c4394ce236dfc72eab6a
-
SSDEEP
98304:+DqP3hz1MKSbevWSdOLZSPebdWDAVp2H:+DqP51M5bNiOLhbdac4H
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (2670) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-