Overview

overview

10

Static

static

3

c2f45780a9...18.dll

windows7-x64

10

c2f45780a9...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c2f45780a92f1ebe7bef8666e5b2284d_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240826-n7288atfqn

  • MD5

    c2f45780a92f1ebe7bef8666e5b2284d

  • SHA1

    b64779feba9ea84eb6b489eadb73ec635fd4b250

  • SHA256

    8e6792f76da8dd823517fe1b563b86b3670389a27efa0e48d9770370aebcd719

  • SHA512

    fd9f03f0520b6f24b30674ddf498b470044115290d52c2429ad24d5a8e3bf6ef4fea04bf5ab948b182f734dbc9e16a8f3356d684cae8283e576392d06ae9c995

  • SSDEEP

    98304:TDqPoBhz17iSYOgS/sXxW/WnTTTxa9xWa9P593RenVpE:TDqPe17kOPWxW/WnnT42adzReVm

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      c2f45780a92f1ebe7bef8666e5b2284d_JaffaCakes118

    • Size

      5.0MB

    • MD5

      c2f45780a92f1ebe7bef8666e5b2284d

    • SHA1

      b64779feba9ea84eb6b489eadb73ec635fd4b250

    • SHA256

      8e6792f76da8dd823517fe1b563b86b3670389a27efa0e48d9770370aebcd719

    • SHA512

      fd9f03f0520b6f24b30674ddf498b470044115290d52c2429ad24d5a8e3bf6ef4fea04bf5ab948b182f734dbc9e16a8f3356d684cae8283e576392d06ae9c995

    • SSDEEP

      98304:TDqPoBhz17iSYOgS/sXxW/WnTTTxa9xWa9P593RenVpE:TDqPe17kOPWxW/WnnT42adzReVm

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3283) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks