locky | 5776efe08fd2b5847cafd084ed56e0457de02608e6c8e4e971c8e00cc3355fa8 | Triage

Submit
Reports

Overview

overview

Static

static

5776efe08f...a8.exe

windows7_x64

5776efe08f...a8.exe

windows10-2004_x64

Sharing

General

Target

5776efe08fd2b5847cafd084ed56e0457de02608e6c8e4e971c8e00cc3355fa8
Size

174KB
Sample

220628-ttpnvsagbj
MD5

50bde00178dbc70e43d8e6156e9a1c0d
SHA1

26a7bc0b6fd83644b1df1f0378dec013026c4971
SHA256

5776efe08fd2b5847cafd084ed56e0457de02608e6c8e4e971c8e00cc3355fa8
SHA512

b7e98b367e977b914b182ddf182f88a7e8be35e8eaef2dea69f21027b7f7d7faa5913d01f71a1d4e89e0dfc6b4f0331bda824f776209213852575ec236c44bd5

Score

10^/10

locky persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

5776efe08fd2b5847cafd084ed56e0457de02608e6c8e4e971c8e00cc3355fa8.exe

Resource

win7-20220414-en

locky ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5776efe08fd2b5847cafd084ed56e0457de02608e6c8e4e971c8e00cc3355fa8.exe

Resource

win10v2004-20220414-en

locky persistence ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  5776efe08fd2b5847cafd084ed56e0457de02608e6c8e4e971c8e00cc3355fa8
- Size
  
  174KB
- MD5
  
  50bde00178dbc70e43d8e6156e9a1c0d
- SHA1
  
  26a7bc0b6fd83644b1df1f0378dec013026c4971
- SHA256
  
  5776efe08fd2b5847cafd084ed56e0457de02608e6c8e4e971c8e00cc3355fa8
- SHA512
  
  b7e98b367e977b914b182ddf182f88a7e8be35e8eaef2dea69f21027b7f7d7faa5913d01f71a1d4e89e0dfc6b4f0331bda824f776209213852575ec236c44bd5
Score

10^/10

locky ransomware persistence
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockypersistenceransomware

© 2018-2024

Terms | Privacy