Overview

overview

10

Static

static

3

c352124d7c...18.dll

windows11-21h2-x64

10

c352124d7c...18.dll

ubuntu-18.04-amd64

c352124d7c...18.dll

debian-9-armhf

c352124d7c...18.dll

debian-9-mips

c352124d7c...18.dll

debian-9-mipsel

Resubmissions

26-08-2024 17:20

240826-vwd6ksxbrj 10

26-08-2024 15:48

240826-s8x34starj 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c352124d7c524a2f4f48ce2ac16ebe88_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240826-vwd6ksxbrj

  • MD5

    c352124d7c524a2f4f48ce2ac16ebe88

  • SHA1

    593e5266addd75e3c12666fd335023008ee42e4e

  • SHA256

    9974ef9a67abde0940c7c44f5a2f76304f5b1f9615f4a471804471a523f5d950

  • SHA512

    ad124d4af25bbf34afa9c05d4604a1973577a009019d3c7fe0060e3adf5c976a1ac20b03ff122a7fdbe6b7c545f030afae396f79be407664dbca0b36960bb812

  • SSDEEP

    49152:ynAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAZ0vZ6GIk:eDqPoBhz1aRxcSUDk36SAc0B6GIk

Score
10/10
wannacrydiscoveryevasionlinuxransomwareworm

Malware Config

Targets

    • Target

      c352124d7c524a2f4f48ce2ac16ebe88_JaffaCakes118

    • Size

      5.0MB

    • MD5

      c352124d7c524a2f4f48ce2ac16ebe88

    • SHA1

      593e5266addd75e3c12666fd335023008ee42e4e

    • SHA256

      9974ef9a67abde0940c7c44f5a2f76304f5b1f9615f4a471804471a523f5d950

    • SHA512

      ad124d4af25bbf34afa9c05d4604a1973577a009019d3c7fe0060e3adf5c976a1ac20b03ff122a7fdbe6b7c545f030afae396f79be407664dbca0b36960bb812

    • SSDEEP

      49152:ynAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAZ0vZ6GIk:eDqPoBhz1aRxcSUDk36SAc0B6GIk

    Score
    10/10
    wannacrydiscoveryevasionransomwareworm

    • Modifies firewall policy service

      evasion

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3430) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2behavioral3behavioral4behavioral5

MITRE ATT&CK Enterprise v15

Tasks