locky | 1c0b42adec440aa0bf93afaf3b4bc1db298582a0b645fc7d383914aa9fe3f4d6 | Triage

Submit
Reports

Overview

overview

Static

static

1c0b42adec...d6.exe

windows7_x64

1c0b42adec...d6.exe

windows10-2004_x64

Sharing

General

Target

1c0b42adec440aa0bf93afaf3b4bc1db298582a0b645fc7d383914aa9fe3f4d6
Size

184KB
Sample

220607-t9wgcaghhj
MD5

6bf3cc80a4a40f403d0d6d341d3b06b9
SHA1

c7ab9915a7e5b4a1396fc57262e91b2a38612eee
SHA256

1c0b42adec440aa0bf93afaf3b4bc1db298582a0b645fc7d383914aa9fe3f4d6
SHA512

b3e0baff8d994a23539c1b1ae909b5440d224ac65cd0034306c8f448f574d0a99e2d3ee1c8e67c66bf97172fe55bacf3674d6163d31f5b01c034bb955a161fec

Score

10^/10

locky ransomware suricata

Static task

static1

Behavioral task

behavioral1

Sample

1c0b42adec440aa0bf93afaf3b4bc1db298582a0b645fc7d383914aa9fe3f4d6.exe

Resource

win7-20220414-en

locky ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1c0b42adec440aa0bf93afaf3b4bc1db298582a0b645fc7d383914aa9fe3f4d6.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  1c0b42adec440aa0bf93afaf3b4bc1db298582a0b645fc7d383914aa9fe3f4d6
- Size
  
  184KB
- MD5
  
  6bf3cc80a4a40f403d0d6d341d3b06b9
- SHA1
  
  c7ab9915a7e5b4a1396fc57262e91b2a38612eee
- SHA256
  
  1c0b42adec440aa0bf93afaf3b4bc1db298582a0b645fc7d383914aa9fe3f4d6
- SHA512
  
  b3e0baff8d994a23539c1b1ae909b5440d224ac65cd0034306c8f448f574d0a99e2d3ee1c8e67c66bf97172fe55bacf3674d6163d31f5b01c034bb955a161fec
Score

10^/10

locky ransomware suricata
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- suricata: ET MALWARE Locky CnC Checkin HTTP Pattern
  suricata: ET MALWARE Locky CnC Checkin HTTP Pattern
  suricata
- suricata: ET MALWARE Locky CnC checkin Nov 21
  suricata: ET MALWARE Locky CnC checkin Nov 21
  suricata
- suricata: ET MALWARE Locky CnC checkin Nov 21 M2
  suricata: ET MALWARE Locky CnC checkin Nov 21 M2
  suricata
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lockyransomwaresuricata

behavioral2

© 2018-2024

Terms | Privacy