General

  • Target

    dccb6ff69d6cf9021be27fd3a555fceb_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240912-wy6jaaxdqj

  • MD5

    dccb6ff69d6cf9021be27fd3a555fceb

  • SHA1

    3142b09f7c36cf468c54eb8d5383e680caa9ae75

  • SHA256

    d77c2654998c833dce98951f8ea663e248da995bce80fe7e9237d793e097cde9

  • SHA512

    61900cfef72a61862290974f6dec80750fbfe61073dcda20511f155362a71426efa3f7b204859611b7884ee03b37d37af11e0f0da1b4e8423c0ea1e7ec41c2db

  • SSDEEP

    24576:SbLgddQhfdmMSirYbcMNgef0vcH9PO6LLuYAMEcpcL7nEaut/8ukE7A4i0:SnAQqMSPbcBVkH9PAMEcaEau358

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3084) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
