Overview

overview

10

Static

static

3

e6005c6ca4...18.dll

windows7-x64

10

e6005c6ca4...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e6005c6ca493a2b6821c376a46c1e70d_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240917-ef443atbkb

  • MD5

    e6005c6ca493a2b6821c376a46c1e70d

  • SHA1

    f612535cea5125f98459754a6d795c9bf9b8caf3

  • SHA256

    466c9299aacc56c945e86109e985f4d24039aece37112a92b0f5ef7e32c80802

  • SHA512

    25320c742085dbb2c66f53dc8234bc9d03577a170d453484b6b6b25275c9bed918d14c94752e64b91c9594fcde6745e0e63d4a84545db8408a7d363b01da26c7

  • SSDEEP

    49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:+DqPoBhz1aRxcSUDk36SA

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      e6005c6ca493a2b6821c376a46c1e70d_JaffaCakes118

    • Size

      5.0MB

    • MD5

      e6005c6ca493a2b6821c376a46c1e70d

    • SHA1

      f612535cea5125f98459754a6d795c9bf9b8caf3

    • SHA256

      466c9299aacc56c945e86109e985f4d24039aece37112a92b0f5ef7e32c80802

    • SHA512

      25320c742085dbb2c66f53dc8234bc9d03577a170d453484b6b6b25275c9bed918d14c94752e64b91c9594fcde6745e0e63d4a84545db8408a7d363b01da26c7

    • SSDEEP

      49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:+DqPoBhz1aRxcSUDk36SA

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3299) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks