General

  • Target

    d8eeaf2dae1c11d97c95f2b57c33af97_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240910-ykdmfstbnf

  • MD5

    d8eeaf2dae1c11d97c95f2b57c33af97

  • SHA1

    757b50626f617b38fe1f1bb82772e4ef0bfe70b2

  • SHA256

    95e70e4082fe034ebd32c95686570ca2aeb99addd9b7d56262be45fd86994d74

  • SHA512

    8002fa5feb24946f40e19be6664b5e165d387c5e31e9e7a2a260f3a9ad825b25f9b4491e0d6bac9e879efa78b934e55091f5a2358eda148ab1dac66a4e23ff7c

  • SSDEEP

    98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9nR8yAVp2H:+DqPe1Cxcxk3ZAEUatR8yc4H

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (2980) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
