Analysis
-
max time kernel
1783s -
max time network
1800s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
28-06-2022 16:41
General
-
Target
91ef42b0f28693e070c042894f5a6283ad8d4441f66599f59e5e9561ab988371.exe
-
Size
169KB
-
MD5
020bb86c656898af5324939f708becb7
-
SHA1
8b0211be15a138bc201a839f9255a0ff927055e3
-
SHA256
91ef42b0f28693e070c042894f5a6283ad8d4441f66599f59e5e9561ab988371
-
SHA512
cbff17a7adbd1434ae482016bab1d8c99f5b9f6d7ab89644a480f73ca8cc2224d12ef5b4a98e7dcdfa40303e40bb2a9f976ebe3e7f0754a0884a84f6dd80e0c9
Score
10/10
Malware Config
Signatures
-
Locky
Ransomware strain released in 2016, with advanced features like anti-analysis.
-
suricata: ET MALWARE Ransomware Locky CnC Beacon
suricata: ET MALWARE Ransomware Locky CnC Beacon
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\91ef42b0f28693e070c042894f5a6283ad8d4441f66599f59e5e9561ab988371.exe"C:\Users\Admin\AppData\Local\Temp\91ef42b0f28693e070c042894f5a6283ad8d4441f66599f59e5e9561ab988371.exe"1⤵
- Suspicious behavior: GetForegroundWindowSpam
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
188KB
-
Filesize
188KB
-
Filesize
188KB