General

  • Target

    e032dffe8dd0bd5689752d7fc27846d7_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240914-pvpm2avbjh

  • MD5

    e032dffe8dd0bd5689752d7fc27846d7

  • SHA1

    726772e281049e0d6f49e5d61e45fce1b53fb2e2

  • SHA256

    e7ce294f262e3ce1214c17e16e8cd8a18217c2815ca42c7e0b71865faa53f34b

  • SHA512

    23578d60da045f542d8b1e2346fab09ec8d02d234a00502a94e561cb5d1fa6c707438e3e54116af2757c7276711c7e7b9e94af7908105a6825fba36beab42b0b

  • SSDEEP

    24576:SbLgddQhfdmMSirYbcMNgef0JAdmv1LJMfcH9PO6LLuYFkqAH1pNZtA0p+9XEk:SnAQqMSPbcBVJnvxJM0H9PpAH1plAH

Malware Config

Targets

    • Target

      e032dffe8dd0bd5689752d7fc27846d7_JaffaCakes118

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3346) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks