Overview

overview

10

Static

static

3

c113b4c6b8...18.dll

windows7-x64

10

c113b4c6b8...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c113b4c6b800aaf04e97194c239760ce_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240825-tb1neasbne

  • MD5

    c113b4c6b800aaf04e97194c239760ce

  • SHA1

    6808c1f69cf5b9e37188de7716c70265f44dda27

  • SHA256

    50e3a3bf860227fff83b8005e6cee4d84fc88150191a732cb9c357879f4a6dff

  • SHA512

    d9ae48d57a38982f035cfe4b5de93d5d94ece529459ac7ed32d9bf6ee64211c1c2526c63a8b882884064ed8d63239e78f57f275c8eeb8255dc6ae96d47ae84a7

  • SSDEEP

    98304:d8qPoBhz1aRxcSUDk36SAEdhvxWa9P59N2H:d8qPe1Cxcxk3ZAEUadYH

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      c113b4c6b800aaf04e97194c239760ce_JaffaCakes118

    • Size

      5.0MB

    • MD5

      c113b4c6b800aaf04e97194c239760ce

    • SHA1

      6808c1f69cf5b9e37188de7716c70265f44dda27

    • SHA256

      50e3a3bf860227fff83b8005e6cee4d84fc88150191a732cb9c357879f4a6dff

    • SHA512

      d9ae48d57a38982f035cfe4b5de93d5d94ece529459ac7ed32d9bf6ee64211c1c2526c63a8b882884064ed8d63239e78f57f275c8eeb8255dc6ae96d47ae84a7

    • SSDEEP

      98304:d8qPoBhz1aRxcSUDk36SAEdhvxWa9P59N2H:d8qPe1Cxcxk3ZAEUadYH

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3341) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks