General
-
Target
d21fe309ec2152f774bfd4f963237b75_JaffaCakes118
-
Size
5.0MB
-
Sample
240907-rj7qksxhkn
-
MD5
d21fe309ec2152f774bfd4f963237b75
-
SHA1
117bd6935e7ce21a3bc0804a0fb08fbc98ccbd20
-
SHA256
242f327e98d2a627542bba2a60860147281e20580880087a1f9a4df550e56c88
-
SHA512
df58122cae38b8edeb682684665ab078df2cb8f0211536391dbe27f9dae8fd13b5565d38f7499b0fbcfc91e65d9d9b05f8c98d7c86921f3f03835221a0ad996c
-
SSDEEP
49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQ:+DqPoBhz1aRxcSUDk
Malware Config
Targets
-
-
Target
d21fe309ec2152f774bfd4f963237b75_JaffaCakes118
-
Size
5.0MB
-
MD5
d21fe309ec2152f774bfd4f963237b75
-
SHA1
117bd6935e7ce21a3bc0804a0fb08fbc98ccbd20
-
SHA256
242f327e98d2a627542bba2a60860147281e20580880087a1f9a4df550e56c88
-
SHA512
df58122cae38b8edeb682684665ab078df2cb8f0211536391dbe27f9dae8fd13b5565d38f7499b0fbcfc91e65d9d9b05f8c98d7c86921f3f03835221a0ad996c
-
SSDEEP
49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQ:+DqPoBhz1aRxcSUDk
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (2600) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-