Overview

overview

10

Static

static

3

951806fed2...18.dll

windows7-x64

10

951806fed2...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    951806fed26ede01685f03413607fe18_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240814-hyn3catfpr

  • MD5

    951806fed26ede01685f03413607fe18

  • SHA1

    7f495a5a3c4af28d9d171b3338e9f4a2ed2dd9e3

  • SHA256

    c69ee85c1a5ad37d4583d5e7425b791c812aeb8526de23bf81a9120949965521

  • SHA512

    73f17420765a0c21a5150a8f46be480e56595ee71a10ef679a3b86e9db4140682c412f02e7786f1e8f6e716951391a7855e9f33e34e1c37f332af76a806230f3

  • SSDEEP

    12288:WVbLgPlumQhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+DHeQYSUjEXFp:gbLgdlQhfdmMSirYbcMNgef0QeQjG

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      951806fed26ede01685f03413607fe18_JaffaCakes118

    • Size

      5.0MB

    • MD5

      951806fed26ede01685f03413607fe18

    • SHA1

      7f495a5a3c4af28d9d171b3338e9f4a2ed2dd9e3

    • SHA256

      c69ee85c1a5ad37d4583d5e7425b791c812aeb8526de23bf81a9120949965521

    • SHA512

      73f17420765a0c21a5150a8f46be480e56595ee71a10ef679a3b86e9db4140682c412f02e7786f1e8f6e716951391a7855e9f33e34e1c37f332af76a806230f3

    • SSDEEP

      12288:WVbLgPlumQhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+DHeQYSUjEXFp:gbLgdlQhfdmMSirYbcMNgef0QeQjG

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3197) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks