locky | c7f63ace7a572d2aa7d1c59fb429d701d9ef726c193814c195ccae9154a2c555 | Triage

Submit
Reports

Overview

overview

Static

static

20161205_c...71b.js

windows7_x64

20161205_c...71b.js

windows10_x64

Sharing

General

Target

20161205_c7a9b42aed084c6015e3a51ca465871b.js
Size

13KB
Sample

211117-nnezkscbe5
MD5

0b25736a16fcd565e231c2f5171659b7
SHA1

a6cf56ec5e72e3a08afa7a85146bf144a0168005
SHA256

c7f63ace7a572d2aa7d1c59fb429d701d9ef726c193814c195ccae9154a2c555
SHA512

08ea748d632c8bb8b83de73ca538cca5b6cc9704b1fac749bcfde22df31cfbf4b6c7db9da4b908141de5cb559a7bfa3e95e98affe4725cbcf1d07ea487be6f62

Score

10^/10

locky locky_osiris ransomware

Static task

static1

Behavioral task

behavioral1

Sample

20161205_c7a9b42aed084c6015e3a51ca465871b.js

Resource

win7-en-20211104

locky locky_osiris ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

20161205_c7a9b42aed084c6015e3a51ca465871b.js

Resource

win10-en-20211014

locky locky_osiris ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  20161205_c7a9b42aed084c6015e3a51ca465871b.js
- Size
  
  13KB
- MD5
  
  0b25736a16fcd565e231c2f5171659b7
- SHA1
  
  a6cf56ec5e72e3a08afa7a85146bf144a0168005
- SHA256
  
  c7f63ace7a572d2aa7d1c59fb429d701d9ef726c193814c195ccae9154a2c555
- SHA512
  
  08ea748d632c8bb8b83de73ca538cca5b6cc9704b1fac749bcfde22df31cfbf4b6c7db9da4b908141de5cb559a7bfa3e95e98affe4725cbcf1d07ea487be6f62
Score

10^/10

locky locky_osiris ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Locky (Osiris variant)
  Variant of the Locky ransomware seen in the wild since early 2017.
  ransomware locky_osiris
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockylocky_osirisransomware

behavioral2

lockylocky_osirisransomware

© 2018-2025

Terms | Privacy