General

  • Target

    f70e6864c0f69af828634172ceeb1b24_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240925-3bk3dswgme

  • MD5

    f70e6864c0f69af828634172ceeb1b24

  • SHA1

    45c3edea88fd5833e94d1a76d9445b2206f70ff4

  • SHA256

    c9c9b6ef41fe30ee27e4db47dfae922caba6fff8607be583eaa5806ccf580e9a

  • SHA512

    2527d307fd88bf903c06cd39df264447c6bd1e08a045f7e9d9ccc3f75e525f703a3a8049f13402f84e5bd594dabef2a2f3305231b487da5903df40dac0dd5eab

  • SSDEEP

    98304:TDqPoBhz1aR36SAEdhvxWa9P593R8yAVp2H:TDqPe1C3ZAEUadzR8yc4H

Targets

    • Target

      f70e6864c0f69af828634172ceeb1b24_JaffaCakes118

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3294) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
