locky | 8a1d1c5e75724f1ddc46071f3bb38d6ddd9713adfd0b5bf05df4598f410a1331 | Triage

Submit
Reports

Overview

overview

Static

static

20161205_1...5ab.js

windows7_x64

20161205_1...5ab.js

windows10_x64

Sharing

General

Target

20161205_100008bbc736af07046b2402686345ab.js
Size

12KB
Sample

211117-nsdmbahcbn
MD5

b58572a8058a0b867d43ebfa00f357df
SHA1

4d6e8ac1afee83f07c60e18aff413778b5a9ee40
SHA256

8a1d1c5e75724f1ddc46071f3bb38d6ddd9713adfd0b5bf05df4598f410a1331
SHA512

a3e2e4bf1da37a26db6ea8263f7604f52387f5841f50a8a8f6e950932dff664443f0b24de204d9040d89ff76b65e906de03b40ef99307fb324afc163c1aae195

Score

10^/10

locky locky_osiris ransomware suricata

Static task

static1

Behavioral task

behavioral1

Sample

20161205_100008bbc736af07046b2402686345ab.js

Resource

win7-en-20211104

locky locky_osiris ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

20161205_100008bbc736af07046b2402686345ab.js

Resource

win10-en-20211104

locky locky_osiris ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  20161205_100008bbc736af07046b2402686345ab.js
- Size
  
  12KB
- MD5
  
  b58572a8058a0b867d43ebfa00f357df
- SHA1
  
  4d6e8ac1afee83f07c60e18aff413778b5a9ee40
- SHA256
  
  8a1d1c5e75724f1ddc46071f3bb38d6ddd9713adfd0b5bf05df4598f410a1331
- SHA512
  
  a3e2e4bf1da37a26db6ea8263f7604f52387f5841f50a8a8f6e950932dff664443f0b24de204d9040d89ff76b65e906de03b40ef99307fb324afc163c1aae195
Score

10^/10

locky locky_osiris ransomware suricata
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Locky (Osiris variant)
  Variant of the Locky ransomware seen in the wild since early 2017.
  ransomware locky_osiris
- suricata: ET MALWARE Nemucod JS Downloader Aug 01 2017
  suricata: ET MALWARE Nemucod JS Downloader Aug 01 2017
  suricata
- Blocklisted process makes network request
- Loads dropped DLL
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Tasks

static1

behavioral1

lockylocky_osirisransomwaresuricata

behavioral2

lockylocky_osirisransomware

© 2018-2024

Terms | Privacy