General

  • Target

    f26b46cc433aed4de0582355b4a7c58d_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240922-va6zgazblb

  • MD5

    f26b46cc433aed4de0582355b4a7c58d

  • SHA1

    5e4a6a44cb6d7267d258a740795a8b4f379cf53c

  • SHA256

    7763b6250f600f368046030fcf8f2b1f859230703aaaf8430af8328a9ef7d15e

  • SHA512

    feeedc5a303dee11f7f53c30da88db4a5088b80d7d24b83de70f9d063ffff6098531088df7825799d8b6bdd06dbdeff99d84be58ceccd1a2725a3175cffb0840

  • SSDEEP

    24576:JbLgdeQhfdfO6LLuYAMEcpcL7nEaut/8uME7A4kqAH1pNZtA0p+9XEk:JnjQTAMEcaEau3R8yAH1plAH

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3287) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
