locky | 182969a80ab6db22b0151cab9e9eefb436d2435104e34b63de47829e4e88b38b | Triage

Submit
Reports

Overview

overview

Static

static

182969a80a...8b.exe

windows7_x64

182969a80a...8b.exe

windows10-2004_x64

Analysis

max time kernel
1797s
max time network
1802s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
28-06-2022 15:30

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

182969a80ab6db22b0151cab9e9eefb436d2435104e34b63de47829e4e88b38b.exe

Resource

win7-20220414-en

locky ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

182969a80ab6db22b0151cab9e9eefb436d2435104e34b63de47829e4e88b38b.exe

Resource

win10v2004-20220414-en

locky ransomware suricata

windows10-2004_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

182969a80ab6db22b0151cab9e9eefb436d2435104e34b63de47829e4e88b38b.exe
Size

186KB
MD5

19a211b8416b31a3d4941d3cb7664e38
SHA1

a5c5e8c8913d8d5bb0472d7b68a43831aedfab4f
SHA256

182969a80ab6db22b0151cab9e9eefb436d2435104e34b63de47829e4e88b38b
SHA512

5f28508a685e13f5eb5e1c78687e3379eb446a75578fc8747e7881787c2d8abb3ccb1025d10c98de85b4bb08f18d7a346f9aeefe47b59757cc52fe0a0e4edbae

Score

10^/10

locky ransomware suricata

Malware Config

Signatures

Locky
Ransomware strain released in 2016, with advanced features like anti-analysis.
ransomware locky
suricata: ET MALWARE Ransomware Locky CnC Beacon
suricata: ET MALWARE Ransomware Locky CnC Beacon
suricata

Processes

C:\Users\Admin\AppData\Local\Temp\182969a80ab6db22b0151cab9e9eefb436d2435104e34b63de47829e4e88b38b.exe
"C:\Users\Admin\AppData\Local\Temp\182969a80ab6db22b0151cab9e9eefb436d2435104e34b63de47829e4e88b38b.exe"
1⤵
PID:2336

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2336-130-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/2336-132-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download

© 2018-2024

Terms | Privacy