Overview

overview

10

Static

static

3

fd4fff79f4...18.dll

windows7-x64

10

fd4fff79f4...18.dll

windows10-2004-x64

10

Resubmissions

28-09-2024 23:36

240928-3ln7sstfpf 10

28-09-2024 22:58

240928-2xstpazdkr 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fd4fff79f429487d143c43502304855a_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240928-2xstpazdkr

  • MD5

    fd4fff79f429487d143c43502304855a

  • SHA1

    72b8eaecc118ca21e0adfdfb080ac462558448d5

  • SHA256

    11d1b9e86aa6f141c5e1070e05b961fe50fe889baf4c370607fb218580abff25

  • SHA512

    53ace4673ac8ab17b3aee3360697e4f70296d7c0b951feddb77ccccf41c794fa3045b680eafb076061d7b09b554fc24fe4755041e4112ff7ee43d2bee83b28cd

  • SSDEEP

    49152:RnaMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnv:1aPoBhz1aRxcSUDk36SAEdhv

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      fd4fff79f429487d143c43502304855a_JaffaCakes118

    • Size

      5.0MB

    • MD5

      fd4fff79f429487d143c43502304855a

    • SHA1

      72b8eaecc118ca21e0adfdfb080ac462558448d5

    • SHA256

      11d1b9e86aa6f141c5e1070e05b961fe50fe889baf4c370607fb218580abff25

    • SHA512

      53ace4673ac8ab17b3aee3360697e4f70296d7c0b951feddb77ccccf41c794fa3045b680eafb076061d7b09b554fc24fe4755041e4112ff7ee43d2bee83b28cd

    • SSDEEP

      49152:RnaMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnv:1aPoBhz1aRxcSUDk36SAEdhv

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3219) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks