Overview

overview

10

Static

static

3

fecedeedc7...18.dll

windows7-x64

10

fecedeedc7...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fecedeedc700847c52753f372c6b6357_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240929-sswkcasgpf

  • MD5

    fecedeedc700847c52753f372c6b6357

  • SHA1

    23d16ed7723dcdc9a858bcb5171c9793150b5c03

  • SHA256

    84855a4c23222f861135a3b0be879a573cb91ec7827a7fa6d119f38c43b3730b

  • SHA512

    b2caf9e615aecba44c684d6207048e251e8c78da8243c06942a183418da57351d2b7c643ba2fedabbf941dadbf5cdf8696f72cf5cd93f77719b44efa771389e1

  • SSDEEP

    49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:+DqPoBhz1aRxcSUDk36SA

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      fecedeedc700847c52753f372c6b6357_JaffaCakes118

    • Size

      5.0MB

    • MD5

      fecedeedc700847c52753f372c6b6357

    • SHA1

      23d16ed7723dcdc9a858bcb5171c9793150b5c03

    • SHA256

      84855a4c23222f861135a3b0be879a573cb91ec7827a7fa6d119f38c43b3730b

    • SHA512

      b2caf9e615aecba44c684d6207048e251e8c78da8243c06942a183418da57351d2b7c643ba2fedabbf941dadbf5cdf8696f72cf5cd93f77719b44efa771389e1

    • SSDEEP

      49152:SnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:+DqPoBhz1aRxcSUDk36SA

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3272) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks