General

  • Target

    f357e23d1e4cc689fc6610f42cbc1237_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240924-lj1dlssgpa

  • MD5

    f357e23d1e4cc689fc6610f42cbc1237

  • SHA1

    f7b1718467ba6e14d4c31c265b6d9e0dc44aa34c

  • SHA256

    a002834349dc85cda6a7d9b894ff4a98ff82ceac146ac3a2e7216a417d3600a0

  • SHA512

    0de13ba8061ac0e306dc2a5bf184c70b20d6d5c9906cbcc081536851ede0a4f636b048d94b3a1bb721e389673c520ca4b6d0078c4a1e663201eb3ee7990dcb71

  • SSDEEP

    49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9:+DqPoBhz1aRxcSUDk36SAEdhvxWa9

Targets

    • Target

      f357e23d1e4cc689fc6610f42cbc1237_JaffaCakes118

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3263) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
