locky | 6c43544d3dfb063ce5ea542cbf022f92b6dff2c294a2925b4159d86ed0daedb9 | Triage

Submit
Reports

Overview

overview

Static

static

6c43544d3d...b9.exe

windows7_x64

6c43544d3d...b9.exe

windows10-2004_x64

7

Sharing

General

Target

6c43544d3dfb063ce5ea542cbf022f92b6dff2c294a2925b4159d86ed0daedb9
Size

216KB
Sample

220628-tyk68sceb4
MD5

19504d96584291023f8a183d416a4a1c
SHA1

edfc887e646fa76b3dddad031467f92e0865f736
SHA256

6c43544d3dfb063ce5ea542cbf022f92b6dff2c294a2925b4159d86ed0daedb9
SHA512

5131bcd4a0960092057124db8e15f76fb866ffbbf523cdbb95a249e67fa661e0445ec32617beced03df7abc316512661cd04da43fd8e6cb888b26730d32a4100

Score

10^/10

locky ransomware

Static task

static1

Behavioral task

behavioral1

Sample

6c43544d3dfb063ce5ea542cbf022f92b6dff2c294a2925b4159d86ed0daedb9.exe

Resource

win7-20220414-en

locky ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6c43544d3dfb063ce5ea542cbf022f92b6dff2c294a2925b4159d86ed0daedb9.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6c43544d3dfb063ce5ea542cbf022f92b6dff2c294a2925b4159d86ed0daedb9
- Size
  
  216KB
- MD5
  
  19504d96584291023f8a183d416a4a1c
- SHA1
  
  edfc887e646fa76b3dddad031467f92e0865f736
- SHA256
  
  6c43544d3dfb063ce5ea542cbf022f92b6dff2c294a2925b4159d86ed0daedb9
- SHA512
  
  5131bcd4a0960092057124db8e15f76fb866ffbbf523cdbb95a249e67fa661e0445ec32617beced03df7abc316512661cd04da43fd8e6cb888b26730d32a4100
Score

10^/10

locky ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Loads dropped DLL
- Sets desktop wallpaper using registry
  ransomware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockyransomware

behavioral2

© 2018-2024

Terms | Privacy