Overview

overview

10

Static

static

305153b144...11.exe

windows7_x64

10

305153b144...11.exe

windows10-2004_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    305153b14416391a42cd06338729048cc5a4163bb3a014422745beb5e6572811

  • Size

    357KB

  • Sample

    220621-e5dy6sbfam

  • MD5

    31e4d13c5d776036ac3603565ddc4db3

  • SHA1

    6e8aa64ca4daec8e3e97c74c442c6e4c8143a63b

  • SHA256

    305153b14416391a42cd06338729048cc5a4163bb3a014422745beb5e6572811

  • SHA512

    3ecd27df132d599d7f16268c8501a71330a33d1e0b94fd340629db54d8fc2f09736ae2b86d9570b198bc5969973ef19feabf3980a21ab394eec99c0ed6e32d9e

Score
10/10
lockylocky_osirisransomware

Malware Config

Targets

    • Target

      305153b14416391a42cd06338729048cc5a4163bb3a014422745beb5e6572811

    • Size

      357KB

    • MD5

      31e4d13c5d776036ac3603565ddc4db3

    • SHA1

      6e8aa64ca4daec8e3e97c74c442c6e4c8143a63b

    • SHA256

      305153b14416391a42cd06338729048cc5a4163bb3a014422745beb5e6572811

    • SHA512

      3ecd27df132d599d7f16268c8501a71330a33d1e0b94fd340629db54d8fc2f09736ae2b86d9570b198bc5969973ef19feabf3980a21ab394eec99c0ed6e32d9e

    Score
    10/10
    lockylocky_osirisransomware

    • Locky

      Ransomware strain released in 2016, with advanced features like anti-analysis.

      ransomwarelocky

    • Locky (Osiris variant)

      Variant of the Locky ransomware seen in the wild since early 2017.

      ransomwarelocky_osiris

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

1
T1491

Tasks