locky | cfc9a840db2ea814739f220bdaa2edc18f2fdcb350a40646bdc144ea7b559b9f | Triage

Submit
Reports

Overview

overview

Static

static

20161205_e...115.js

windows7_x64

20161205_e...115.js

windows10_x64

Sharing

General

Target

20161205_e4a80fe1dcf0f7e3a9cb5ebfd027c115.js
Size

13KB
Sample

211117-nqnz9shbgj
MD5

cf7844b89cfa63d28152f4706ab1fc74
SHA1

ce46ff282bfe3162aec806b92672e0299aa09588
SHA256

cfc9a840db2ea814739f220bdaa2edc18f2fdcb350a40646bdc144ea7b559b9f
SHA512

58672ec8b6440321d4394e838e911927e2c03217a6ff39357f4c85d3428aef0ed4868e4848d6db3fc27d196d553aaee836a961f76ab4e669f9453e81f631b469

Score

10^/10

locky locky_osiris ransomware suricata

Static task

static1

Behavioral task

behavioral1

Sample

20161205_e4a80fe1dcf0f7e3a9cb5ebfd027c115.js

Resource

win7-en-20211104

locky locky_osiris ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

20161205_e4a80fe1dcf0f7e3a9cb5ebfd027c115.js

Resource

win10-en-20211104

locky locky_osiris ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  20161205_e4a80fe1dcf0f7e3a9cb5ebfd027c115.js
- Size
  
  13KB
- MD5
  
  cf7844b89cfa63d28152f4706ab1fc74
- SHA1
  
  ce46ff282bfe3162aec806b92672e0299aa09588
- SHA256
  
  cfc9a840db2ea814739f220bdaa2edc18f2fdcb350a40646bdc144ea7b559b9f
- SHA512
  
  58672ec8b6440321d4394e838e911927e2c03217a6ff39357f4c85d3428aef0ed4868e4848d6db3fc27d196d553aaee836a961f76ab4e669f9453e81f631b469
Score

10^/10

locky locky_osiris ransomware suricata
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Locky (Osiris variant)
  Variant of the Locky ransomware seen in the wild since early 2017.
  ransomware locky_osiris
- suricata: ET MALWARE Nemucod JS Downloader Aug 01 2017
  suricata: ET MALWARE Nemucod JS Downloader Aug 01 2017
  suricata
- Blocklisted process makes network request
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Loads dropped DLL
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockylocky_osirisransomwaresuricata

behavioral2

lockylocky_osirisransomware

© 2018-2025

Terms | Privacy