locky | 0881cd733dd584863daaf87341e4d0c38815a5aa62a9dc7f2608af2a3f1dc3e8 | Triage

Submit
Reports

Overview

overview

Static

static

20161205_e...c70.js

windows7_x64

20161205_e...c70.js

windows10_x64

Sharing

General

Target

20161205_eb2df1e72525f9d332e3179c4d432c70.js
Size

13KB
Sample

211118-rda5esdefm
MD5

4962f8c69418e2a963a2efcf37718d8d
SHA1

aeab75634c68d8505e9f64dcabb1e415e9f53840
SHA256

0881cd733dd584863daaf87341e4d0c38815a5aa62a9dc7f2608af2a3f1dc3e8
SHA512

c2cfc24d90cc8bee452f8cf10d87b038221c9b0c7a5ea5733ccd2ce7ea74b829f15116695f0315f6765adf9aa1922653ecbda249f66aaef9e9b3fa98e2664cd8

Score

10^/10

locky locky_osiris ransomware suricata

Static task

static1

Behavioral task

behavioral1

Sample

20161205_eb2df1e72525f9d332e3179c4d432c70.js

Resource

win7-en-20211014

locky locky_osiris ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

20161205_eb2df1e72525f9d332e3179c4d432c70.js

Resource

win10-en-20211104

locky locky_osiris ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  20161205_eb2df1e72525f9d332e3179c4d432c70.js
- Size
  
  13KB
- MD5
  
  4962f8c69418e2a963a2efcf37718d8d
- SHA1
  
  aeab75634c68d8505e9f64dcabb1e415e9f53840
- SHA256
  
  0881cd733dd584863daaf87341e4d0c38815a5aa62a9dc7f2608af2a3f1dc3e8
- SHA512
  
  c2cfc24d90cc8bee452f8cf10d87b038221c9b0c7a5ea5733ccd2ce7ea74b829f15116695f0315f6765adf9aa1922653ecbda249f66aaef9e9b3fa98e2664cd8
Score

10^/10

locky locky_osiris ransomware suricata
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Locky (Osiris variant)
  Variant of the Locky ransomware seen in the wild since early 2017.
  ransomware locky_osiris
- suricata: ET MALWARE Nemucod JS Downloader Aug 01 2017
  suricata: ET MALWARE Nemucod JS Downloader Aug 01 2017
  suricata
- Blocklisted process makes network request
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lockylocky_osirisransomwaresuricata

behavioral2

lockylocky_osirisransomware

© 2018-2024

Terms | Privacy