Overview

overview

10

Static

static

3

b1c22e18d7...18.dll

windows7-x64

10

b1c22e18d7...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b1c22e18d7e3f126ba7692efe3092ffa_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240616-e96jzszeqg

  • MD5

    b1c22e18d7e3f126ba7692efe3092ffa

  • SHA1

    8c945e136757b2a8cb889bdce0fdfdfbe6582504

  • SHA256

    d8ca9921e14601f55d5d0aa81bf47ff2850531697ce50862a4c9489184a71768

  • SHA512

    f7e1cfcfb39b20f2acc978916584a5b84cf56163d31c964dd403b9f4ecfa5753b3c2c316a57f9fdf20f7f07ba4dcadc6f3deea613a54a6e5c0001c5aaa2fe872

  • SSDEEP

    12288:yebLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7:zbLgddQhfdmMSirYbcMNge

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      b1c22e18d7e3f126ba7692efe3092ffa_JaffaCakes118

    • Size

      5.0MB

    • MD5

      b1c22e18d7e3f126ba7692efe3092ffa

    • SHA1

      8c945e136757b2a8cb889bdce0fdfdfbe6582504

    • SHA256

      d8ca9921e14601f55d5d0aa81bf47ff2850531697ce50862a4c9489184a71768

    • SHA512

      f7e1cfcfb39b20f2acc978916584a5b84cf56163d31c964dd403b9f4ecfa5753b3c2c316a57f9fdf20f7f07ba4dcadc6f3deea613a54a6e5c0001c5aaa2fe872

    • SSDEEP

      12288:yebLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7:zbLgddQhfdmMSirYbcMNge

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3115) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks