locky | 4677c2a5d160388449550696b00e96ec11e2a9ce80c655801df335cfd56f7ad1 | Triage

Submit
Reports

Overview

overview

Static

static

4677c2a5d1...d1.exe

windows7_x64

4677c2a5d1...d1.exe

windows10-2004_x64

Sharing

General

Target

4677c2a5d160388449550696b00e96ec11e2a9ce80c655801df335cfd56f7ad1
Size

196KB
Sample

220628-trcxaacdf5
MD5

5efeef53f235906257f1c15fd2a534d7
SHA1

90b0d7cd61d1846e965f61710f10dbe41e805162
SHA256

4677c2a5d160388449550696b00e96ec11e2a9ce80c655801df335cfd56f7ad1
SHA512

71f1a09fb47092c35920e1b0a0df1c2aea5ea4cb628838cef4bdbdc242e77243ccf52dc4cab217e2b349101cb1df4aa8bedd13724ef47816373d60b8394684ca

Score

10^/10

locky persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

4677c2a5d160388449550696b00e96ec11e2a9ce80c655801df335cfd56f7ad1.exe

Resource

win7-20220414-en

locky ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

4677c2a5d160388449550696b00e96ec11e2a9ce80c655801df335cfd56f7ad1.exe

Resource

win10v2004-20220414-en

locky persistence ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  4677c2a5d160388449550696b00e96ec11e2a9ce80c655801df335cfd56f7ad1
- Size
  
  196KB
- MD5
  
  5efeef53f235906257f1c15fd2a534d7
- SHA1
  
  90b0d7cd61d1846e965f61710f10dbe41e805162
- SHA256
  
  4677c2a5d160388449550696b00e96ec11e2a9ce80c655801df335cfd56f7ad1
- SHA512
  
  71f1a09fb47092c35920e1b0a0df1c2aea5ea4cb628838cef4bdbdc242e77243ccf52dc4cab217e2b349101cb1df4aa8bedd13724ef47816373d60b8394684ca
Score

10^/10

locky ransomware persistence
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockypersistenceransomware

© 2018-2024

Terms | Privacy