locky | 10fc625dc1859a1f88b9cae2aae55e4268c027a65eff039d0266e855c75b6ca5 | Triage

Submit
Reports

Overview

overview

Static

static

20161205_0...816.js

windows7_x64

20161205_0...816.js

windows10_x64

Sharing

General

Target

20161205_0a3057963564d1fbe7c4c961ad8c2816.js
Size

13KB
Sample

211117-nn7dtshbdm
MD5

874e785cda72eb99593ce097ab739b71
SHA1

a8b8d3ed05173b8a33d3f03d525ea440e593848c
SHA256

10fc625dc1859a1f88b9cae2aae55e4268c027a65eff039d0266e855c75b6ca5
SHA512

c984bfc1dc0ea684c466530bba8d8a83ad61da413e23cd6f2bd98301b5560c5f5acc6d7ced6c5035fd9954239a7a3ab8284120d8c07d568bb579eb454f398cab

Score

10^/10

locky locky_osiris ransomware suricata

Static task

static1

Behavioral task

behavioral1

Sample

20161205_0a3057963564d1fbe7c4c961ad8c2816.js

Resource

win7-en-20211104

locky locky_osiris ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

20161205_0a3057963564d1fbe7c4c961ad8c2816.js

Resource

win10-en-20211104

locky locky_osiris ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  20161205_0a3057963564d1fbe7c4c961ad8c2816.js
- Size
  
  13KB
- MD5
  
  874e785cda72eb99593ce097ab739b71
- SHA1
  
  a8b8d3ed05173b8a33d3f03d525ea440e593848c
- SHA256
  
  10fc625dc1859a1f88b9cae2aae55e4268c027a65eff039d0266e855c75b6ca5
- SHA512
  
  c984bfc1dc0ea684c466530bba8d8a83ad61da413e23cd6f2bd98301b5560c5f5acc6d7ced6c5035fd9954239a7a3ab8284120d8c07d568bb579eb454f398cab
Score

10^/10

locky locky_osiris ransomware suricata
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Locky (Osiris variant)
  Variant of the Locky ransomware seen in the wild since early 2017.
  ransomware locky_osiris
- suricata: ET MALWARE Nemucod JS Downloader Aug 01 2017
  suricata: ET MALWARE Nemucod JS Downloader Aug 01 2017
  suricata
- Blocklisted process makes network request
- Loads dropped DLL
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockylocky_osirisransomwaresuricata

behavioral2

lockylocky_osirisransomware

© 2018-2025

Terms | Privacy