General

  • Target

    edc9d46d513eeea22b8c6fa189bc20bc_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240920-rtl7ma1gmn

  • MD5

    edc9d46d513eeea22b8c6fa189bc20bc

  • SHA1

    cfa3c5b8897e50a64779efbd858b52fba93398ff

  • SHA256

    740f5a1c574ac7cad6134438ffef5b8b4c07aad1167c15e9043aeeffa444b46e

  • SHA512

    88dc79e91da48292fb4b02ca47df24fba14a78a90a9951f448ee1a6adc2f9eaf28bbd5ad901dfd4cfd42be5b3d527884254faed0d2b1caa090324416182ab6fa

  • SSDEEP

    49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAFEau3R8yAH1plAH:+DqPoBhz1aRxcSUDk36SAT3R8yAVp2H

Targets

    • Target

      edc9d46d513eeea22b8c6fa189bc20bc_JaffaCakes118

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3275) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
