locky | 31d61677373c60b18677a461ef8f2c1490d068094e991ee9a4bc2f9d81ee5d26 | Triage

Submit
Reports

Overview

overview

Static

static

31d6167737...26.exe

windows7_x64

31d6167737...26.exe

windows10-2004_x64

Sharing

General

Target

31d61677373c60b18677a461ef8f2c1490d068094e991ee9a4bc2f9d81ee5d26
Size

315KB
Sample

220628-v5pnnsbbfr
MD5

91039844f9f219c09c730928480b328a
SHA1

73299597d8334ddbd71dbe9abd96f508c49e248e
SHA256

31d61677373c60b18677a461ef8f2c1490d068094e991ee9a4bc2f9d81ee5d26
SHA512

34bdbbde22cf61a8711f888c2615a6050f8cd5aad419626a233cf57c620afea722b0a5733fa6e985d3c6ecaeccdcb5ddbd7738121277647bf7f0fc9a268f19c3

Score

10^/10

locky persistence ransomware suricata

Static task

static1

Behavioral task

behavioral1

Sample

31d61677373c60b18677a461ef8f2c1490d068094e991ee9a4bc2f9d81ee5d26.exe

Resource

win7-20220414-en

locky ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

31d61677373c60b18677a461ef8f2c1490d068094e991ee9a4bc2f9d81ee5d26.exe

Resource

win10v2004-20220414-en

locky persistence ransomware suricata

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  31d61677373c60b18677a461ef8f2c1490d068094e991ee9a4bc2f9d81ee5d26
- Size
  
  315KB
- MD5
  
  91039844f9f219c09c730928480b328a
- SHA1
  
  73299597d8334ddbd71dbe9abd96f508c49e248e
- SHA256
  
  31d61677373c60b18677a461ef8f2c1490d068094e991ee9a4bc2f9d81ee5d26
- SHA512
  
  34bdbbde22cf61a8711f888c2615a6050f8cd5aad419626a233cf57c620afea722b0a5733fa6e985d3c6ecaeccdcb5ddbd7738121277647bf7f0fc9a268f19c3
Score

10^/10

locky ransomware suricata persistence
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- suricata: ET MALWARE Ransomware Locky CnC Beacon 21 May
  suricata: ET MALWARE Ransomware Locky CnC Beacon 21 May
  suricata
- Deletes itself
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Tasks

static1

behavioral1

lockyransomwaresuricata

behavioral2

lockypersistenceransomwaresuricata

© 2018-2024

Terms | Privacy