locky | 10fc625dc1859a1f88b9cae2aae55e4268c027a65eff039d0266e855c75b6ca5 | Triage

Submit
Reports

Overview

overview

Static

static

20161205_0...816.js

windows7_x64

20161205_0...816.js

windows10_x64

Sharing

General

Target

20161205_0a3057963564d1fbe7c4c961ad8c2816.js
Size

13KB
Sample

211117-nn7dtshbdm
MD5

874e785cda72eb99593ce097ab739b71
SHA1

a8b8d3ed05173b8a33d3f03d525ea440e593848c
SHA256

10fc625dc1859a1f88b9cae2aae55e4268c027a65eff039d0266e855c75b6ca5
SHA512

c984bfc1dc0ea684c466530bba8d8a83ad61da413e23cd6f2bd98301b5560c5f5acc6d7ced6c5035fd9954239a7a3ab8284120d8c07d568bb579eb454f398cab

Score

10^/10

locky locky_osiris ransomware suricata

Static task

static1

Behavioral task

behavioral1

Sample

20161205_0a3057963564d1fbe7c4c961ad8c2816.js

Resource

win7-en-20211104

locky locky_osiris ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

20161205_0a3057963564d1fbe7c4c961ad8c2816.js

Resource

win10-en-20211104

locky locky_osiris ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  20161205_0a3057963564d1fbe7c4c961ad8c2816.js
- Size
  
  13KB
- MD5
  
  874e785cda72eb99593ce097ab739b71
- SHA1
  
  a8b8d3ed05173b8a33d3f03d525ea440e593848c
- SHA256
  
  10fc625dc1859a1f88b9cae2aae55e4268c027a65eff039d0266e855c75b6ca5
- SHA512
  
  c984bfc1dc0ea684c466530bba8d8a83ad61da413e23cd6f2bd98301b5560c5f5acc6d7ced6c5035fd9954239a7a3ab8284120d8c07d568bb579eb454f398cab
Score

10^/10

locky locky_osiris ransomware suricata
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Locky (Osiris variant)
  Variant of the Locky ransomware seen in the wild since early 2017.
  ransomware locky_osiris
- suricata: ET MALWARE Nemucod JS Downloader Aug 01 2017
  suricata: ET MALWARE Nemucod JS Downloader Aug 01 2017
  suricata
- Blocklisted process makes network request
- Loads dropped DLL
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Tasks

static1

behavioral1

lockylocky_osirisransomwaresuricata

behavioral2

lockylocky_osirisransomware

© 2018-2024

Terms | Privacy