General

  • Target

    e3bb6ee38af372c8bce4d6b6ec7b8a42_JaffaCakes118

  • Size

    3.6MB

  • Sample

    240916-bkdacs1fqa

  • MD5

    e3bb6ee38af372c8bce4d6b6ec7b8a42

  • SHA1

    bb76fb353e8ea16ac6e3be917419d5cb06a19087

  • SHA256

    5b004e212c5e936c249c8b9cd5b4864f0d5340e0dc94f9774db24d4c5e918553

  • SHA512

    d0b0572856ea1daa017caebcd0b979d369d6beea3e441b336a226bf95d6c4a0559ea4d8212d943dfe34487a0fdeae06dac17df74f7834805031821c447d6c24c

  • SSDEEP

    49152:2nAQqMSPbcBV8nvxJM0H9PAMEcaEau3R8y:yDqPoBOvxWa9P593R8y

Targets

    • Target

      e3bb6ee38af372c8bce4d6b6ec7b8a42_JaffaCakes118

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3207) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
