General
-
Target
c13e4ce270926d4a40c1e8407acd026e_JaffaCakes118
-
Size
5.0MB
-
Sample
240825-v8vzvswbqb
-
MD5
c13e4ce270926d4a40c1e8407acd026e
-
SHA1
58b61f723a9a63a846e2678c3af6727d5a8695b0
-
SHA256
2bd3af25a48d57897127617c76e74affea683db9ef4d2036f0ceb8068eada62d
-
SHA512
5e96367302cb0068f9f1cbf675062fb02c7e1c89599fc18fe096b530bc64f8d93a41109a1645f545719f536bd2bec2218b7d63f7c1a509c7754f4975e495a919
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhz59A8yAVp2Y3:+DqPe1Cxcxk3ZAEvM8yc4Y
Malware Config
Targets
-
-
Target
c13e4ce270926d4a40c1e8407acd026e_JaffaCakes118
-
Size
5.0MB
-
MD5
c13e4ce270926d4a40c1e8407acd026e
-
SHA1
58b61f723a9a63a846e2678c3af6727d5a8695b0
-
SHA256
2bd3af25a48d57897127617c76e74affea683db9ef4d2036f0ceb8068eada62d
-
SHA512
5e96367302cb0068f9f1cbf675062fb02c7e1c89599fc18fe096b530bc64f8d93a41109a1645f545719f536bd2bec2218b7d63f7c1a509c7754f4975e495a919
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhz59A8yAVp2Y3:+DqPe1Cxcxk3ZAEvM8yc4Y
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (2967) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Modifies file permissions
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
2Windows File and Directory Permissions Modification
1Hide Artifacts
1Hidden Files and Directories
1