General

  • Target

    d78335ce9b23e38c18adb7a24eae0ead_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240910-dwh14avapq

  • MD5

    d78335ce9b23e38c18adb7a24eae0ead

  • SHA1

    0b460ecab59ba978a8b7e2b83f773b38c09ebddb

  • SHA256

    12a8c93f1b889d10a5ac519ded21daf7603e5bacaba08824cfb031f0093fbb58

  • SHA512

    5cae3d6dd268f422f5627ae1402fc21eec95f71f31a5ea6ada7bd5a48da2504b6ee6586bb0895eeeec4de9bfa808167ff61fd99a6df939dd2343829b32e71eaa

  • SSDEEP

    98304:+DqPoBhz1aRxcSUDk36SAEdhv259Uc/YF:+DqPe1Cxcxk3ZAEKv

Malware Config

Targets

    • Target

      d78335ce9b23e38c18adb7a24eae0ead_JaffaCakes118

    • Size

      5.0MB

    • MD5

      d78335ce9b23e38c18adb7a24eae0ead

    • SHA1

      0b460ecab59ba978a8b7e2b83f773b38c09ebddb

    • SHA256

      12a8c93f1b889d10a5ac519ded21daf7603e5bacaba08824cfb031f0093fbb58

    • SHA512

      5cae3d6dd268f422f5627ae1402fc21eec95f71f31a5ea6ada7bd5a48da2504b6ee6586bb0895eeeec4de9bfa808167ff61fd99a6df939dd2343829b32e71eaa

    • SSDEEP

      98304:+DqPoBhz1aRxcSUDk36SAEdhv259Uc/YF:+DqPe1Cxcxk3ZAEKv

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3211) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks