General
-
Target
aec2d49eb06a8dd0df471b15fbab97e0_JaffaCakes118
-
Size
5.0MB
-
Sample
240615-ra3ehashmd
-
MD5
aec2d49eb06a8dd0df471b15fbab97e0
-
SHA1
e846344e2455023cca62c449a8f9ab682ad156f2
-
SHA256
fce1a25fa617d0367944a2c8e9b5b9c359c12ae12f0a00694086a48a05476707
-
SHA512
d52e7d2b3f72f26406f8860b03c9cf45e5ad5f36778227f9f63bab11b0510773184c596161cd8f0b8697a618b73991aee88ecd6fadb20ba8da4f64a8b9616043
-
SSDEEP
49152:4nAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAZ0vZ6GIk:oDqPoBhz1aRxcSUDk36SAc0B6GIk
Malware Config
Targets
-
-
Target
aec2d49eb06a8dd0df471b15fbab97e0_JaffaCakes118
-
Size
5.0MB
-
MD5
aec2d49eb06a8dd0df471b15fbab97e0
-
SHA1
e846344e2455023cca62c449a8f9ab682ad156f2
-
SHA256
fce1a25fa617d0367944a2c8e9b5b9c359c12ae12f0a00694086a48a05476707
-
SHA512
d52e7d2b3f72f26406f8860b03c9cf45e5ad5f36778227f9f63bab11b0510773184c596161cd8f0b8697a618b73991aee88ecd6fadb20ba8da4f64a8b9616043
-
SSDEEP
49152:4nAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAZ0vZ6GIk:oDqPoBhz1aRxcSUDk36SAc0B6GIk
Score10/10-
Modifies firewall policy service
-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3261) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-