General

  • Target

    e19f1bfc80c2efd58a78e80e4b1b3abb_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240915-d285gatdqf

  • MD5

    e19f1bfc80c2efd58a78e80e4b1b3abb

  • SHA1

    d198cf287892f6ea3eeef8504ec3d0d99d826d49

  • SHA256

    0e1ea0693da53cd5c2cd89da3feec4b44f2caf653f461ed1f7123bb6640e3a66

  • SHA512

    fa16a3face3682724f2f4caf0e22898dd2cdf77c42ace6332d48190b172e9cd17363a759688f7126a65f3a9cfe5540e94bbd61ba9e12c543252ab5a7b5f4983c

  • SSDEEP

    49152:znAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAFaEau3R8yAFHAD:TDqPoBhz1aRxcSUDk36SAq3R8yA

Targets

    • Target

      e19f1bfc80c2efd58a78e80e4b1b3abb_JaffaCakes118

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3269) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
