locky | 33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f | Triage

Submit
Reports

Overview

overview

Static

static

33b62b9528...0f.exe

windows7_x64

33b62b9528...0f.exe

windows10-2004_x64

Sharing

General

Target

33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f
Size

580KB
Sample

220620-be8t3sbgh9
MD5

86927f4d92665747679ab72a9be87b05
SHA1

35549e85c4cb875e1710afaf274aeead50e06752
SHA256

33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f
SHA512

33255234e1a1a7c19d92e503a57cecef9e1cb46ff5472f2416772a0e9087c111edded597618bb73ee8494c0bc23924d97396b1bc5f2657e946c6e1552696381f

Score

10^/10

locky persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f.exe

Resource

win7-20220414-en

locky ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f.exe

Resource

win10v2004-20220414-en

locky persistence ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f
- Size
  
  580KB
- MD5
  
  86927f4d92665747679ab72a9be87b05
- SHA1
  
  35549e85c4cb875e1710afaf274aeead50e06752
- SHA256
  
  33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f
- SHA512
  
  33255234e1a1a7c19d92e503a57cecef9e1cb46ff5472f2416772a0e9087c111edded597618bb73ee8494c0bc23924d97396b1bc5f2657e946c6e1552696381f
Score

10^/10

locky ransomware persistence
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Defacement

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockypersistenceransomware

© 2018-2024

Terms | Privacy