General
-
Target
ec778b5a1be5dfb4ae454bd66d62863a_JaffaCakes118
-
Size
5.0MB
-
Sample
240920-alkkdsyhkj
-
MD5
ec778b5a1be5dfb4ae454bd66d62863a
-
SHA1
8022e9050016e76682479701336585312a137a59
-
SHA256
24eb185b918fdc840b44b8c3a8cfcac21660359182edbf6cf9afa4cc7fbb3539
-
SHA512
7af40e7f8d28fddf9826917ac61d0827dbef37dba6ca4544dfb38f28082b7cad30919f33890582b64730fa0cf930f56bf66c434b62d89316e49b1074af67ec2c
-
SSDEEP
49152:SnAQqMSPbcBVQej/nAARdhnvxJM0H9PAMEcaEau3R8yAH1plAH:+DqPoBhznAEdhvxWa9P593R8yAVp2H
Malware Config
Targets
-
-
Target
ec778b5a1be5dfb4ae454bd66d62863a_JaffaCakes118
-
Size
5.0MB
-
MD5
ec778b5a1be5dfb4ae454bd66d62863a
-
SHA1
8022e9050016e76682479701336585312a137a59
-
SHA256
24eb185b918fdc840b44b8c3a8cfcac21660359182edbf6cf9afa4cc7fbb3539
-
SHA512
7af40e7f8d28fddf9826917ac61d0827dbef37dba6ca4544dfb38f28082b7cad30919f33890582b64730fa0cf930f56bf66c434b62d89316e49b1074af67ec2c
-
SSDEEP
49152:SnAQqMSPbcBVQej/nAARdhnvxJM0H9PAMEcaEau3R8yAH1plAH:+DqPoBhznAEdhvxWa9P593R8yAVp2H
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3230) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-