General

  • Target

    e7d28ea7b3975ea3d03b60ac3aadc04d_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240917-2et9ssyang

  • MD5

    e7d28ea7b3975ea3d03b60ac3aadc04d

  • SHA1

    06b60942196774105f1790ed180a5f9bf6dc14d4

  • SHA256

    a04d2515ca561bc2d19f529de920b896c359ccce7f33294638dc86842e6934c7

  • SHA512

    1cb7dc2434c629d3506c03a44a61a972ff9f905da68e8ebe5d72657757e90fbb7eb1fdb6cbb3d1b14686088a413737c3859f625705dda35dabcdaf34fe51610c

  • SSDEEP

    98304:+DqPoBhz1aRxcSUDk36SAd593R8yAVp2H:+DqPe1Cxcxk3ZAdzR8yc4H

Targets

    • Target

      e7d28ea7b3975ea3d03b60ac3aadc04d_JaffaCakes118

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3356) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
