General

  • Target

    ed5fd21a30558b59b60a50f5823d02b7_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240920-maldrs1glp

  • MD5

    ed5fd21a30558b59b60a50f5823d02b7

  • SHA1

    c87961076bcb1b2fe6510a74cf09508db6cb91f9

  • SHA256

    df0456199c797478cb69656aa6f4e8a5daa6f71001408492f1e054a29baf73aa

  • SHA512

    784b889c5e83d323cc338865a2aeaaf5ec8252078e60b7769c8b3487e02876980922b79f7ea1e1f144756b04d314355bc2b923d9e1ddc2d21704efff9edb2b04

  • SSDEEP

    98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp:+DqPe1Cxcxk3ZAEUadzR8yc

Targets

    • Target

      ed5fd21a30558b59b60a50f5823d02b7_JaffaCakes118

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3276) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
