General
-
Target
8732d8a06842219bb9cf705a59cedb848996a53ce4a4438f34bf0f5fc7fc90fe
-
Size
602KB
-
Sample
220628-t42feacef5
-
MD5
c80c3fb6c195380cac523a07379ac310
-
SHA1
a199df676f583f9c4454d1714fcf152b541e84be
-
SHA256
8732d8a06842219bb9cf705a59cedb848996a53ce4a4438f34bf0f5fc7fc90fe
-
SHA512
cd93ef8a7358f9aaf909a742bf02ca8447044bea9f96cc2d55948bd6e946f7587f700ea7d54f2666e5ffa73afd06e8082ac808458afe441850c70f72fa1128e5
Malware Config
Targets
-
-
Target
8732d8a06842219bb9cf705a59cedb848996a53ce4a4438f34bf0f5fc7fc90fe
-
Size
602KB
-
MD5
c80c3fb6c195380cac523a07379ac310
-
SHA1
a199df676f583f9c4454d1714fcf152b541e84be
-
SHA256
8732d8a06842219bb9cf705a59cedb848996a53ce4a4438f34bf0f5fc7fc90fe
-
SHA512
cd93ef8a7358f9aaf909a742bf02ca8447044bea9f96cc2d55948bd6e946f7587f700ea7d54f2666e5ffa73afd06e8082ac808458afe441850c70f72fa1128e5
Score10/10-
Locky (Lukitus variant)
Variant of the Locky ransomware seen in the wild since late 2017.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Deletes itself
-
Adds Run key to start application
-
Drops file in System32 directory
-
Sets desktop wallpaper using registry
-