General
Target: d37b28c7ee15aa3415e85a8e273394fe_JaffaCakes118
Size: 5.0MB
Sample: 240908-ehdpwswgrf
MD5: d37b28c7ee15aa3415e85a8e273394fe
SHA1: e9a602a5fe9803884a92c1aa9b992821f1e258b4
SHA256: dd0c86baff069027ec000ffac52be662fcb427bd881580847530ff352d7b6fa8
SHA512: b39e0d9b81f274c2ffdedbf58f6aeaac81dce7d14b1ebb909f145d3c2195196c1015a0ee3c0aa82d3d80411bb9487fdbde988bec3e7e1cf6927ae78ccb7a15c1
SSDEEP: 98304:+D5Bhz1aRxcSUDk36SAEdhvxWa9P593R8:+D11Cxcxk3ZAEUadzR8

Static task: static1

Behavioral task: behavioral1
Sample: d37b28c7ee15aa3415e85a8e273394fe_JaffaCakes118.dll
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: d37b28c7ee15aa3415e85a8e273394fe_JaffaCakes118.dll
Resource: win10v2004-20240802-en

Malware Config
Targets
Target: d37b28c7ee15aa3415e85a8e273394fe_JaffaCakes118
Score: 10/10

Contacts a large (3303) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Executes dropped EXE

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Drops file in System32 directory