General
-
Target
f4f2e35feb96f5f48daa5f8ce69448d7_JaffaCakes118
-
Size
5.0MB
-
Sample
240925-cnnqyasare
-
MD5
f4f2e35feb96f5f48daa5f8ce69448d7
-
SHA1
6f3a3b86f22d55c2ddfbe1ab316089c07ba030b9
-
SHA256
ef376214f178669b0a57bd061bf6b34e1631fcb4831ede7ab204588657d44596
-
SHA512
2476e65afbaf13a3a4c620bb0d0067bbc8a8eefefcf018b4adbf76107ce7dca5469c2b335fa7ed6778613fb79a354a775ab06becb139fe019464514c3e09e5d2
-
SSDEEP
49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAxxJM:+DqPoBhz1aRxcSUDk36SA4xW
Malware Config
Targets
-
-
Target
f4f2e35feb96f5f48daa5f8ce69448d7_JaffaCakes118
-
Size
5.0MB
-
MD5
f4f2e35feb96f5f48daa5f8ce69448d7
-
SHA1
6f3a3b86f22d55c2ddfbe1ab316089c07ba030b9
-
SHA256
ef376214f178669b0a57bd061bf6b34e1631fcb4831ede7ab204588657d44596
-
SHA512
2476e65afbaf13a3a4c620bb0d0067bbc8a8eefefcf018b4adbf76107ce7dca5469c2b335fa7ed6778613fb79a354a775ab06becb139fe019464514c3e09e5d2
-
SSDEEP
49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAxxJM:+DqPoBhz1aRxcSUDk36SA4xW
Score10/10-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Contacts a large (3135) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-