General
-
Target
b9de290ef3ec191950f0550cf6d14a6f_JaffaCakes118
-
Size
5.0MB
-
Sample
240823-b2ws2ayemf
-
MD5
b9de290ef3ec191950f0550cf6d14a6f
-
SHA1
8926858b8703c0a303284ce5d8ae587e42c67324
-
SHA256
4f8b2591ae22c8cadaee061e46e6ad93f8912a06319b7454e19e85893fc7929e
-
SHA512
692178874f56991ec7c3970adc05df836c9786b51646aaa651ab1163d75864f188146c92209ba3417c143d9c0b0c7a7bf922b1b9b53c815f2abc2c764558bb2a
-
SSDEEP
49152:JnjJMSPbcBb/1INRx+TSqTdX1HkQo6SAARdhpk3R8yAH1plA:ddPoBL1aRxcSUDk36SAEdh+3R8yAVp2
Malware Config
Targets
-
-
Target
b9de290ef3ec191950f0550cf6d14a6f_JaffaCakes118
-
Size
5.0MB
-
MD5
b9de290ef3ec191950f0550cf6d14a6f
-
SHA1
8926858b8703c0a303284ce5d8ae587e42c67324
-
SHA256
4f8b2591ae22c8cadaee061e46e6ad93f8912a06319b7454e19e85893fc7929e
-
SHA512
692178874f56991ec7c3970adc05df836c9786b51646aaa651ab1163d75864f188146c92209ba3417c143d9c0b0c7a7bf922b1b9b53c815f2abc2c764558bb2a
-
SSDEEP
49152:JnjJMSPbcBb/1INRx+TSqTdX1HkQo6SAARdhpk3R8yAH1plA:ddPoBL1aRxcSUDk36SAEdh+3R8yAVp2
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (2998) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-