General
-
Target
c787b6e8cffd395ff3b47b0533225c1f_JaffaCakes118
-
Size
3.6MB
-
Sample
240828-yggjyasfja
-
MD5
c787b6e8cffd395ff3b47b0533225c1f
-
SHA1
50fee498c71b0a9e194b1797cf6b38c946e9fcee
-
SHA256
d041d1d3fc3f7553e5524a1e8603a2a9d751aa14965811bb29ef35ed1edf9c24
-
SHA512
6214cdade00e74bb8d8d2f484bd9dd2b9c17d91c663787ce2a358e352a15d58779eb80a55df6c7b702d0bb8e66a6c554f63e62dc9569840500e8b74e5cc51a5b
-
SSDEEP
98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2tI:yDqPe1Cxcxk3ZAEUadzR8yc4tI
Malware Config
Targets
-
-
Target
c787b6e8cffd395ff3b47b0533225c1f_JaffaCakes118
-
Size
3.6MB
-
MD5
c787b6e8cffd395ff3b47b0533225c1f
-
SHA1
50fee498c71b0a9e194b1797cf6b38c946e9fcee
-
SHA256
d041d1d3fc3f7553e5524a1e8603a2a9d751aa14965811bb29ef35ed1edf9c24
-
SHA512
6214cdade00e74bb8d8d2f484bd9dd2b9c17d91c663787ce2a358e352a15d58779eb80a55df6c7b702d0bb8e66a6c554f63e62dc9569840500e8b74e5cc51a5b
-
SSDEEP
98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2tI:yDqPe1Cxcxk3ZAEUadzR8yc4tI
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3364) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-