Overview

overview

10

Static

static

3

8f60323ecd...18.dll

windows7-x64

10

8f60323ecd...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8f60323ecdbbd33f58430a9e84d508eb_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240812-tj19xasgla

  • MD5

    8f60323ecdbbd33f58430a9e84d508eb

  • SHA1

    72f1f34beaaa2f4d73c3e364ebc220e0481c6153

  • SHA256

    69f1817165685f56295cba654b84eb9ca5bd598be118f04b9f79688b928ee13c

  • SHA512

    c3aa160a428be0a8f4f21de47d59b4a7c97c069e57767532fccb2c9298a30eb550e97944731c7cbeb3d941e86fcd7b86900702a69ff2b5d4b15ebef4f0e1173d

  • SSDEEP

    24576:SbLgd3yt4IiXctzDqGJ0cy7+Z0vIikqbNNkrKLSR2lyFlSPjCSQOqsqbYqK:SnmLIishzy71v/rbhSR24DZS

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      8f60323ecdbbd33f58430a9e84d508eb_JaffaCakes118

    • Size

      5.0MB

    • MD5

      8f60323ecdbbd33f58430a9e84d508eb

    • SHA1

      72f1f34beaaa2f4d73c3e364ebc220e0481c6153

    • SHA256

      69f1817165685f56295cba654b84eb9ca5bd598be118f04b9f79688b928ee13c

    • SHA512

      c3aa160a428be0a8f4f21de47d59b4a7c97c069e57767532fccb2c9298a30eb550e97944731c7cbeb3d941e86fcd7b86900702a69ff2b5d4b15ebef4f0e1173d

    • SSDEEP

      24576:SbLgd3yt4IiXctzDqGJ0cy7+Z0vIikqbNNkrKLSR2lyFlSPjCSQOqsqbYqK:SnmLIishzy71v/rbhSR24DZS

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3184) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks