locky | 44834646f6f9ac8ac1caffe6c9266b16abd1074dbd2e676ca008a9ad68e5ae03 | Triage

Submit
Reports

Overview

overview

Static

static

44834646f6...03.exe

windows7_x64

44834646f6...03.exe

windows10-2004_x64

Sharing

General

Target

44834646f6f9ac8ac1caffe6c9266b16abd1074dbd2e676ca008a9ad68e5ae03
Size

259KB
Sample

220628-tqzdwscdf4
MD5

9bbc224fc03c8b5ae456762448c98793
SHA1

d2b3863fd7a04e2a5d868595e61e61540959bef5
SHA256

44834646f6f9ac8ac1caffe6c9266b16abd1074dbd2e676ca008a9ad68e5ae03
SHA512

0977ca4d06037b28cf454435a30fd52f28202fa360190bfcfeedaf5e3ce91be116278946d59a37c21eba62f102075ae364220f43bcb580d61c40227b1b70806e

Score

10^/10

locky persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

44834646f6f9ac8ac1caffe6c9266b16abd1074dbd2e676ca008a9ad68e5ae03.exe

Resource

win7-20220414-en

locky ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

44834646f6f9ac8ac1caffe6c9266b16abd1074dbd2e676ca008a9ad68e5ae03.exe

Resource

win10v2004-20220414-en

locky persistence ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  44834646f6f9ac8ac1caffe6c9266b16abd1074dbd2e676ca008a9ad68e5ae03
- Size
  
  259KB
- MD5
  
  9bbc224fc03c8b5ae456762448c98793
- SHA1
  
  d2b3863fd7a04e2a5d868595e61e61540959bef5
- SHA256
  
  44834646f6f9ac8ac1caffe6c9266b16abd1074dbd2e676ca008a9ad68e5ae03
- SHA512
  
  0977ca4d06037b28cf454435a30fd52f28202fa360190bfcfeedaf5e3ce91be116278946d59a37c21eba62f102075ae364220f43bcb580d61c40227b1b70806e
Score

10^/10

locky ransomware persistence
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockypersistenceransomware

© 2018-2024

Terms | Privacy