locky | 0a2bc257eb1e266e2fd7c608bbb7e1f2ed34660c8ff21f32999fe49c6997329b | Triage

Submit
Reports

Overview

overview

Static

static

0a2bc257eb...9b.exe

windows7_x64

0a2bc257eb...9b.exe

windows10-2004_x64

Sharing

General

Target

0a2bc257eb1e266e2fd7c608bbb7e1f2ed34660c8ff21f32999fe49c6997329b
Size

303KB
Sample

220524-w6t58adce4
MD5

d5fee0c6f1d0d730de259c64e6373a0c
SHA1

894f45f50454001bd21ad2713fefc15eb25b2b8b
SHA256

0a2bc257eb1e266e2fd7c608bbb7e1f2ed34660c8ff21f32999fe49c6997329b
SHA512

fa39d6cdf1c00ec33ce02df71d16d83d58095d09d6a2a1c9d31ceb0bcd1d0c01abbe39daa49de37fab525a59678db241d2d2ebb36359c203a2e25c808c6b5f79

Score

10^/10

locky locky_osiris persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

0a2bc257eb1e266e2fd7c608bbb7e1f2ed34660c8ff21f32999fe49c6997329b.exe

Resource

win7-20220414-en

locky locky_osiris ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0a2bc257eb1e266e2fd7c608bbb7e1f2ed34660c8ff21f32999fe49c6997329b.exe

Resource

win10v2004-20220414-en

locky locky_osiris persistence ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0a2bc257eb1e266e2fd7c608bbb7e1f2ed34660c8ff21f32999fe49c6997329b
- Size
  
  303KB
- MD5
  
  d5fee0c6f1d0d730de259c64e6373a0c
- SHA1
  
  894f45f50454001bd21ad2713fefc15eb25b2b8b
- SHA256
  
  0a2bc257eb1e266e2fd7c608bbb7e1f2ed34660c8ff21f32999fe49c6997329b
- SHA512
  
  fa39d6cdf1c00ec33ce02df71d16d83d58095d09d6a2a1c9d31ceb0bcd1d0c01abbe39daa49de37fab525a59678db241d2d2ebb36359c203a2e25c808c6b5f79
Score

10^/10

locky locky_osiris ransomware persistence
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Locky (Osiris variant)
  Variant of the Locky ransomware seen in the wild since early 2017.
  ransomware locky_osiris
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Tasks

static1

behavioral1

lockylocky_osirisransomware

behavioral2

lockylocky_osirispersistenceransomware

© 2018-2024

Terms | Privacy