Overview

overview

10

Static

static

3

fac31665f2...18.dll

windows7-x64

10

fac31665f2...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fac31665f283cd03275732939e3fbc58_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240927-t5mcwa1grr

  • MD5

    fac31665f283cd03275732939e3fbc58

  • SHA1

    5812c2bfcf8d92293396e47ed5e250d57878d7e2

  • SHA256

    c8e1f103e2313c54a080542f8a88e0f06204654ff99963add4ecb95e726c0564

  • SHA512

    65ae586ccc9a824be82463569118cfe4dee0e324f6ba94ac4fc368abe694ca39af0d89974a89a29c780c50048998b1ea8e504355ec51fc006aa705d6f2ac0751

  • SSDEEP

    24576:SbLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626M+vbOSSqTPV0:SnAQqMSPbcBVQej/1INRx+TSqTd0

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      fac31665f283cd03275732939e3fbc58_JaffaCakes118

    • Size

      5.0MB

    • MD5

      fac31665f283cd03275732939e3fbc58

    • SHA1

      5812c2bfcf8d92293396e47ed5e250d57878d7e2

    • SHA256

      c8e1f103e2313c54a080542f8a88e0f06204654ff99963add4ecb95e726c0564

    • SHA512

      65ae586ccc9a824be82463569118cfe4dee0e324f6ba94ac4fc368abe694ca39af0d89974a89a29c780c50048998b1ea8e504355ec51fc006aa705d6f2ac0751

    • SSDEEP

      24576:SbLgddQhfdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLKz6626M+vbOSSqTPV0:SnAQqMSPbcBVQej/1INRx+TSqTd0

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3216) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks