General

  • Target

    f33dc28c6f7f645b51022740002f7f27_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240924-kgnflaxerr

  • MD5

    f33dc28c6f7f645b51022740002f7f27

  • SHA1

    60b99690e404ed740a0797c6672cbf95d8315e3b

  • SHA256

    13f92702aa70783241bf7ba3b6a6b2de9bcbd728cd38af5a8d2146ca6a59dcbe

  • SHA512

    90f45af1b51b1a47923279ae82f2578e55af40c6a738238ec0ac03945db052d8566d13f6e0b1a0e6d5011cddeabc58bc3e2262a5231765fa414719f1eb172f6b

  • SSDEEP

    24576:SbLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626M+ODs+DH3Dwv:SnAQqMSPbcBVQej/1INRx+ih8v

Targets

    • Target

      f33dc28c6f7f645b51022740002f7f27_JaffaCakes118

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3205) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
