General

  • Target

    f954b974b717c77f377f9efe747fbac1_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240926-3ec6yswenb

  • MD5

    f954b974b717c77f377f9efe747fbac1

  • SHA1

    16db73d8089233d16c0454f7833d6345d15da871

  • SHA256

    be82a36ff7a1f80fdd04123552815fc4e4cd61b7791f42240c08976b525fa546

  • SHA512

    f715d51082c61fcc0749886cbb9afb3d635b5cb314f99b56eec1663d279c403f0d655cd985eb5799472dd2ab7276e9252751733464032a96313e9fa3f566ef61

  • SSDEEP

    98304:+DqPoBhz1ScSUDk36SAEdhvxWa9P593R8yAVp2H:+DqPe1Scxk3ZAEUadzR8yc4H

Targets

    • Target

      f954b974b717c77f377f9efe747fbac1_JaffaCakes118

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3284) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
