Overview

overview

10

Static

static

20161205_2...3c3.js

windows7_x64

10

20161205_2...3c3.js

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    20161205_2e6c571558fdba57b85cb4db3b98a3c3.js

  • Size

    13KB

  • Sample

    211117-nyj2aacdf5

  • MD5

    020a1da5932b76e2c7fa33346b582afc

  • SHA1

    6ee6275161befa757ed5a107637a9242bfa35f22

  • SHA256

    b8494b88e63351904e2e8cfb7f9f25ed4bd01a8e1b35cca65dff546dc5c01ccf

  • SHA512

    ced1a86345ce46ed94d6a9a360bdaa73ed8759a8dc078a5bd55ee3e02b7cabcb4a0b2b7eb921c5939f0230f2e5300981c5700d307d9ae7a5a4202a2a00927c34

Score
10/10
lockylocky_osirisransomware

Malware Config

Targets

    • Target

      20161205_2e6c571558fdba57b85cb4db3b98a3c3.js

    • Size

      13KB

    • MD5

      020a1da5932b76e2c7fa33346b582afc

    • SHA1

      6ee6275161befa757ed5a107637a9242bfa35f22

    • SHA256

      b8494b88e63351904e2e8cfb7f9f25ed4bd01a8e1b35cca65dff546dc5c01ccf

    • SHA512

      ced1a86345ce46ed94d6a9a360bdaa73ed8759a8dc078a5bd55ee3e02b7cabcb4a0b2b7eb921c5939f0230f2e5300981c5700d307d9ae7a5a4202a2a00927c34

    Score
    10/10
    lockylocky_osirisransomware

    • Locky

      Ransomware strain released in 2016, with advanced features like anti-analysis.

      ransomwarelocky

    • Locky (Osiris variant)

      Variant of the Locky ransomware seen in the wild since early 2017.

      ransomwarelocky_osiris

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks