General

  • Target

    f6790d429b43c5912d3e01dad0b713c7_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240925-vpt88axajj

  • MD5

    f6790d429b43c5912d3e01dad0b713c7

  • SHA1

    e50155b4108acdf6979a1b7972a111190f696875

  • SHA256

    8c1d52bacdb4a0b154f15d7e7cca74509dd4ca7114a287ba09aa8443c130caba

  • SHA512

    3963526f6f382618add9c886821eb6927a5c17595039ce32bf512a24a766e5a326dbe8386e771ac2a29e93c62bafa2f4cd6bebcc43a626a0398b916e472625ab

  • SSDEEP

    24576:SbLgdqQhfdmMSirYbcMNgeMEcpcL7nEaut/8uME7A4kqAH1pNZtA0p+9XEk:SnvQqMSPbcB/EcaEau3R8yAH1plAH

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3238) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
