General

  • Target

    e784d58fef062a471c059c9a07a2e29c_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240917-xwdadszdpe

  • MD5

    e784d58fef062a471c059c9a07a2e29c

  • SHA1

    21b57ff4886df68dd401aea1bdce2b423021613c

  • SHA256

    7cd6d125eea23cbc42e1a242ad2c91db2e4e79a26266f00f3d7ef88720763ae5

  • SHA512

    a727d2156ea9c5237e60c91dcd0574e231617c8b4625b492b95cd582bf12a57f93a1f4a66ec75332c022804edf4e37774476c218ed93f6569a360d1f076151ee

  • SSDEEP

    98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2:+DqPe1Cxcxk3ZAEUadzR8yc4

Malware Config

Targets

    • Target

      e784d58fef062a471c059c9a07a2e29c_JaffaCakes118

    • Size

      5.0MB

    • MD5

      e784d58fef062a471c059c9a07a2e29c

    • SHA1

      21b57ff4886df68dd401aea1bdce2b423021613c

    • SHA256

      7cd6d125eea23cbc42e1a242ad2c91db2e4e79a26266f00f3d7ef88720763ae5

    • SHA512

      a727d2156ea9c5237e60c91dcd0574e231617c8b4625b492b95cd582bf12a57f93a1f4a66ec75332c022804edf4e37774476c218ed93f6569a360d1f076151ee

    • SSDEEP

      98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2:+DqPe1Cxcxk3ZAEUadzR8yc4

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3189) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks