General

  • Target

    eee6f883f7da3efafba40d560ae5f1c9_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240921-cx2zxs1cpp

  • MD5

    eee6f883f7da3efafba40d560ae5f1c9

  • SHA1

    3edb61b26bdb771c0210d2ae62e77e7be214eb00

  • SHA256

    fea1973ad1ef8844c4efdddd08c4b6ce9744b74deb3c8084d4c10453d42c87b1

  • SHA512

    1414e726a3b4626a08c8ecbeb41afdbd2fd3dd68c83415269626287cd7760280cde0b2717dfa3eb43d9be3999fd42d230ac47217d3f0b15face0a7531881efe4

  • SSDEEP

    49152:JnjQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAMh9FWy8U4WpEk6aize3wK:d8qPoBhz1aRxcSUDk36SAAanaiK3L

Targets

    • Target

      eee6f883f7da3efafba40d560ae5f1c9_JaffaCakes118

    • WannaCry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3323) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
