General

  • Target

    d76e42cd409b60f5c1136a69b152dd26_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240910-b78d1s1ejl

  • MD5

    d76e42cd409b60f5c1136a69b152dd26

  • SHA1

    f5ec1a81ed5328da56053f3ade254a223541b7c6

  • SHA256

    cb1e1fd195be73533d6d7b56af2b79c87ee7de55da632d3063c70d7c85505452

  • SHA512

    ea6f8c419238209aaf31b944849a168f7b661b1f21f825f80e7a1512ab18613a1bda341b9e4b97fc341f3eeba295dd53ca096c6e656c536fae6a6fc2292a6037

  • SSDEEP

    12288:yvbLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900VeT9W:SbLgddQhfdmMSirYbcMNgeT9W

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3321) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
