locky | 21a77e00627ddd6541f559651be67482ce29b079969379038b5ea5424c275cab | Triage

Submit
Reports

Overview

overview

Static

static

21a77e0062...ab.dll

windows7_x64

21a77e0062...ab.dll

windows10-2004_x64

Sharing

General

Target

21a77e00627ddd6541f559651be67482ce29b079969379038b5ea5424c275cab
Size

141KB
Sample

220612-jrfcascdhr
MD5

38bd1d49f88201a9a6a92ae3f65559c0
SHA1

010847f30975fbac9a45ffc6e70ed640614e4852
SHA256

21a77e00627ddd6541f559651be67482ce29b079969379038b5ea5424c275cab
SHA512

4ff916f7ea78fbd0c0fbb663dc53d8a6060fae819a7f0da09d114d832dde1634943cb603787954fdb0a5fbae20bcc0a2d29157f7b7a1139c8f41424a655db858

Score

10^/10

locky ransomware suricata

Static task

static1

Behavioral task

behavioral1

Sample

21a77e00627ddd6541f559651be67482ce29b079969379038b5ea5424c275cab.dll

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

21a77e00627ddd6541f559651be67482ce29b079969379038b5ea5424c275cab.dll

Resource

win10v2004-20220414-en

locky ransomware suricata

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  21a77e00627ddd6541f559651be67482ce29b079969379038b5ea5424c275cab
- Size
  
  141KB
- MD5
  
  38bd1d49f88201a9a6a92ae3f65559c0
- SHA1
  
  010847f30975fbac9a45ffc6e70ed640614e4852
- SHA256
  
  21a77e00627ddd6541f559651be67482ce29b079969379038b5ea5424c275cab
- SHA512
  
  4ff916f7ea78fbd0c0fbb663dc53d8a6060fae819a7f0da09d114d832dde1634943cb603787954fdb0a5fbae20bcc0a2d29157f7b7a1139c8f41424a655db858
Score

10^/10

suricata locky ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- suricata: ET MALWARE Locky CnC Checkin HTTP Pattern
  suricata: ET MALWARE Locky CnC Checkin HTTP Pattern
  suricata
- suricata: ET MALWARE Locky CnC checkin Nov 21
  suricata: ET MALWARE Locky CnC checkin Nov 21
  suricata
- Blocklisted process makes network request
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

lockyransomwaresuricata

© 2018-2024

Terms | Privacy