General

  • Target

    eeb3e9dbc293f20d5389be41fd28654f_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240921-affn9awcnj

  • MD5

    eeb3e9dbc293f20d5389be41fd28654f

  • SHA1

    c7834423964472d850b3447a524e83e0d5d2ed53

  • SHA256

    83be7f2061c01a6a24326b61c78d249f3f8cde5a35672369cbe8263279e7f58b

  • SHA512

    c2b48501182291913e76e871861d22cfbb9de71a6d7f1cf970c14d71e0d691c6824d6d8b61da6e19ae16f8379b8ab4502914730468578c8d1577f2a2a856201a

  • SSDEEP

    24576:SbLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626SX6SASk+:SnAQqMSPbcBVQej/1INRr6SAA

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3232) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
