Overview

overview

10

Static

static

3

d1dd845dc8...18.dll

windows7-x64

10

d1dd845dc8...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d1dd845dc80fe6f800e4e573a930eb13_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240907-nzpm6atame

  • MD5

    d1dd845dc80fe6f800e4e573a930eb13

  • SHA1

    9d3101570c44a5a14671d925a7468162f921aede

  • SHA256

    69cdcc6cefa1df9d0a8937f19d57ddb411af75ce8a5b29cfbaf74a16880338dc

  • SHA512

    6e1326a26a5a0a7efa2cf7729a8676e8a8cf2b9d431b24200b9dd3b3093ea1b6dd49d3ca81bcea0ad9e755f674aeb43a18f67f419a700c2cdf670bbc6a42ff32

  • SSDEEP

    49152:SnjQqMSPbcBVQej/1INRx+TSqTdX1HkQ:+8qPoBhz1aRxcSUDk

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      d1dd845dc80fe6f800e4e573a930eb13_JaffaCakes118

    • Size

      5.0MB

    • MD5

      d1dd845dc80fe6f800e4e573a930eb13

    • SHA1

      9d3101570c44a5a14671d925a7468162f921aede

    • SHA256

      69cdcc6cefa1df9d0a8937f19d57ddb411af75ce8a5b29cfbaf74a16880338dc

    • SHA512

      6e1326a26a5a0a7efa2cf7729a8676e8a8cf2b9d431b24200b9dd3b3093ea1b6dd49d3ca81bcea0ad9e755f674aeb43a18f67f419a700c2cdf670bbc6a42ff32

    • SSDEEP

      49152:SnjQqMSPbcBVQej/1INRx+TSqTdX1HkQ:+8qPoBhz1aRxcSUDk

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3135) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks