Analysis
-
max time kernel
145s -
max time network
153s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
12-06-2022 10:06
Static task
static1
Behavioral task
behavioral1
Sample
20f48e19032b23217d4da671173565607b4069912d37f4b143fea97486fba743.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
20f48e19032b23217d4da671173565607b4069912d37f4b143fea97486fba743.exe
Resource
win10v2004-20220414-en
General
-
Target
20f48e19032b23217d4da671173565607b4069912d37f4b143fea97486fba743.exe
-
Size
207KB
-
MD5
3cf892f5bb1dd7d28445394683713e78
-
SHA1
6835e93aaa256d180c7cc1caa42ec69f07785a4f
-
SHA256
20f48e19032b23217d4da671173565607b4069912d37f4b143fea97486fba743
-
SHA512
0ffed02ef4c652244643e9a7251a1d23a52e2cc24c0da936cf83eaba905c31fdb04b68209eeb4ac903e59a80897367db9a0d16929fc1a7cc955238d718e30c42
Malware Config
Signatures
-
Locky
Ransomware strain released in 2016, with advanced features like anti-analysis.
-
suricata: ET MALWARE Ransomware Locky CnC Beacon
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
20f48e19032b23217d4da671173565607b4069912d37f4b143fea97486fba743.exe
pid process
1308 20f48e19032b23217d4da671173565607b4069912d37f4b143fea97486fba743.exe