Overview

overview

10

Static

static

3

b8bfd4d94f...18.dll

windows7-x64

10

b8bfd4d94f...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b8bfd4d94f147a0522b0864fe9b04566_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240617-p93hfa1hqe

  • MD5

    b8bfd4d94f147a0522b0864fe9b04566

  • SHA1

    084b17e76e8004c5785a9492964d6c16a310636e

  • SHA256

    584256a10a68910a705551079913a67998df49b68083fd1973262f48894338fc

  • SHA512

    bf1c2a435b57847380424469938580070e9c4de5f8ca5172e08a006b36a75ac590424ef5e58eb36b72e57981cc9d5d52195f9db27c9049858d63907c076170eb

  • SSDEEP

    98304:+DqPoBhoaRxcSUDk36SAGdhvxWa9P593R8yAVp2H:+DqPXCxcxk3ZAGUadzR8yc4H

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      b8bfd4d94f147a0522b0864fe9b04566_JaffaCakes118

    • Size

      5.0MB

    • MD5

      b8bfd4d94f147a0522b0864fe9b04566

    • SHA1

      084b17e76e8004c5785a9492964d6c16a310636e

    • SHA256

      584256a10a68910a705551079913a67998df49b68083fd1973262f48894338fc

    • SHA512

      bf1c2a435b57847380424469938580070e9c4de5f8ca5172e08a006b36a75ac590424ef5e58eb36b72e57981cc9d5d52195f9db27c9049858d63907c076170eb

    • SSDEEP

      98304:+DqPoBhoaRxcSUDk36SAGdhvxWa9P593R8yAVp2H:+DqPXCxcxk3ZAGUadzR8yc4H

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3319) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks