locky_lukitus | 87f7c04e91789574ed974c8374f57d55e0de18cf328cce1bba942431de1b50d7 | Triage

Submit
Reports

Overview

overview

Static

static

8514a2eca4...85.exe

windows7_x64

8514a2eca4...85.exe

windows10_x64

Sharing

General

Target

8514a2eca4090f400a43c4af915eb3ef6e9c15dabe69716189e7c68c72cfa285.zip
Size

530KB
Sample

201105-8lgwryt8mj
MD5

346819af694216773e1f6e3fbf1db1f5
SHA1

db019e217617d7b85fb39d98b49e5f25ee80cba2
SHA256

87f7c04e91789574ed974c8374f57d55e0de18cf328cce1bba942431de1b50d7
SHA512

a101386d1064f68fbfa67a4caf4104e7c93c3dc0a5453fdeb2bd9cd8432c8529b3fa224a8363f109fb3ba7ad1b11ed217cbb4bd407e7b12b692b628553972f24

Score

10^/10

locky_lukitus ransomware

Static task

static1

Behavioral task

behavioral1

Sample

8514a2eca4090f400a43c4af915eb3ef6e9c15dabe69716189e7c68c72cfa285.exe

Resource

win7v20201028

locky_lukitus ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

8514a2eca4090f400a43c4af915eb3ef6e9c15dabe69716189e7c68c72cfa285.exe

Resource

win10v20201028

locky_lukitus ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  8514a2eca4090f400a43c4af915eb3ef6e9c15dabe69716189e7c68c72cfa285
- Size
  
  617KB
- MD5
  
  d14bc9efe80aeb7d172cbb590f80eba7
- SHA1
  
  9d6ea38d9a33446488e3a53ca35669f7ded2b747
- SHA256
  
  8514a2eca4090f400a43c4af915eb3ef6e9c15dabe69716189e7c68c72cfa285
- SHA512
  
  cb22f3c7d3f35cc4d149d88caf128229c396123997b52c2dfb70203cbb671f967c20bb1615ec84227d1207d50cacd32daf1360f076d42c50b113949074192b58
Score

10^/10

locky_lukitus ransomware
- Locky (Lukitus variant)
  Variant of the Locky ransomware seen in the wild since late 2017.
  ransomware locky_lukitus
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Tasks

static1

behavioral1

locky_lukitusransomware

behavioral2

locky_lukitusransomware

© 2018-2024

Terms | Privacy