locky | 93942e48653e2050bd6296d69d966e0b1e1b2eb2d3e9bf862bcbf32c9b1080bd | Triage

Submit
Reports

Overview

overview

Static

static

93942e4865...bd.exe

windows7_x64

93942e4865...bd.exe

windows10-2004_x64

Sharing

General

Target

93942e48653e2050bd6296d69d966e0b1e1b2eb2d3e9bf862bcbf32c9b1080bd
Size

196KB
Sample

220628-t8h5maceh6
MD5

5ee21251ebe0529aed293f636286527a
SHA1

341767eb4afbf9a8dd99cd1a50ee93fb4c88e4dc
SHA256

93942e48653e2050bd6296d69d966e0b1e1b2eb2d3e9bf862bcbf32c9b1080bd
SHA512

987ea7e3a848f93c8b0c3edc88fc205c24df9c4d953eff378439574f9a0c8256695d87248d3b8216fb0f662c643e2168635569ee845df1386974a14592cc0386

Score

10^/10

locky persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

93942e48653e2050bd6296d69d966e0b1e1b2eb2d3e9bf862bcbf32c9b1080bd.exe

Resource

win7-20220414-en

locky ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

93942e48653e2050bd6296d69d966e0b1e1b2eb2d3e9bf862bcbf32c9b1080bd.exe

Resource

win10v2004-20220414-en

locky persistence ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  93942e48653e2050bd6296d69d966e0b1e1b2eb2d3e9bf862bcbf32c9b1080bd
- Size
  
  196KB
- MD5
  
  5ee21251ebe0529aed293f636286527a
- SHA1
  
  341767eb4afbf9a8dd99cd1a50ee93fb4c88e4dc
- SHA256
  
  93942e48653e2050bd6296d69d966e0b1e1b2eb2d3e9bf862bcbf32c9b1080bd
- SHA512
  
  987ea7e3a848f93c8b0c3edc88fc205c24df9c4d953eff378439574f9a0c8256695d87248d3b8216fb0f662c643e2168635569ee845df1386974a14592cc0386
Score

10^/10

locky ransomware persistence
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockypersistenceransomware

© 2018-2024

Terms | Privacy