General

  • Target

    efeea1dc1f737548620a9d942b49f56b_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240921-q5nddsvglh

  • MD5

    efeea1dc1f737548620a9d942b49f56b

  • SHA1

    8baf6e9a7f4413c38f8952abe2e242ee519afd16

  • SHA256

    6e52be915d36b85beac21bbc7d03fc8aeb7e2acfc8f4877a3fa319936a2e2fb2

  • SHA512

    341cbd9af4670c5b32fce44f2446d2fb566ad3cdb44e63559299aed726d18857ae7de11bd41fdc0ec57acd25a47fcc5ac401c0347551782b83065df8a833bf8d

  • SSDEEP

    49152:znAQqMSPbcBVQvxJM0H9PAMEc6Eau3R8yAH1plAH:TDqPoB6xWa9P5h3R8yAVp2H

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3325) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
