locky | 0f9ca5c555ddf4b5b29573ea1a513a69555afcfd0b1d3fa8f441bc6991bce543 | Triage

Submit
Reports

Overview

overview

Static

static

0f9ca5c555...43.exe

windows7_x64

0f9ca5c555...43.exe

windows10-2004_x64

Sharing

General

Target

0f9ca5c555ddf4b5b29573ea1a513a69555afcfd0b1d3fa8f441bc6991bce543
Size

600KB
Sample

220604-se64xscca3
MD5

caf3575a95198ee925f2dfdeba2e78f3
SHA1

2f267d5e2fb9d6ae818d5caa7f2fa508daf09d67
SHA256

0f9ca5c555ddf4b5b29573ea1a513a69555afcfd0b1d3fa8f441bc6991bce543
SHA512

0b76001d9990a8163caaae9187294af58d87a91f02ebb2840fd373e850e4dc311f57340b16462ebe0da258e811be1dfc6af442f57c2b745e67d06a5c21c8a952

Score

10^/10

locky ransomware

Static task

static1

Behavioral task

behavioral1

Sample

0f9ca5c555ddf4b5b29573ea1a513a69555afcfd0b1d3fa8f441bc6991bce543.exe

Resource

win7-20220414-en

locky ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0f9ca5c555ddf4b5b29573ea1a513a69555afcfd0b1d3fa8f441bc6991bce543.exe

Resource

win10v2004-20220414-en

locky ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0f9ca5c555ddf4b5b29573ea1a513a69555afcfd0b1d3fa8f441bc6991bce543
- Size
  
  600KB
- MD5
  
  caf3575a95198ee925f2dfdeba2e78f3
- SHA1
  
  2f267d5e2fb9d6ae818d5caa7f2fa508daf09d67
- SHA256
  
  0f9ca5c555ddf4b5b29573ea1a513a69555afcfd0b1d3fa8f441bc6991bce543
- SHA512
  
  0b76001d9990a8163caaae9187294af58d87a91f02ebb2840fd373e850e4dc311f57340b16462ebe0da258e811be1dfc6af442f57c2b745e67d06a5c21c8a952
Score

10^/10

locky ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Defacement

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockyransomware

© 2018-2024

Terms | Privacy