Overview

overview

10

Static

static

5b3a33bfd5...86.exe

windows7_x64

10

5b3a33bfd5...86.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    1799s
  • max time network
    1802s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    28-06-2022 17:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5b3a33bfd51b75cf08282be69225ecf485fa1807d1268c6e4060eefcd78b8786.exe

  • Size

    180KB

  • MD5

    054094319898a26b24fe43a785c3227f

  • SHA1

    21d62d7026d412604db42c4d0fc2102eafb70bb8

  • SHA256

    5b3a33bfd51b75cf08282be69225ecf485fa1807d1268c6e4060eefcd78b8786

  • SHA512

    7293a9716af9e0e44599f8f86ebcd8898465e9521879e213dafc543da190a5b9021d30023086ae020040b45ecd26ccc0d061e7daba1a291497588799c7a3d9e4

Score
10/10
lockyransomwaresuricata

Malware Config

Signatures

  • Locky

    Ransomware strain released in 2016, with advanced features like anti-analysis.

    ransomwarelocky
  • suricata: ET MALWARE Ransomware Locky CnC Beacon

    suricata: ET MALWARE Ransomware Locky CnC Beacon

    suricata

Processes

  • C:\Users\Admin\AppData\Local\Temp\5b3a33bfd51b75cf08282be69225ecf485fa1807d1268c6e4060eefcd78b8786.exe
    "C:\Users\Admin\AppData\Local\Temp\5b3a33bfd51b75cf08282be69225ecf485fa1807d1268c6e4060eefcd78b8786.exe"
    1⤵
      PID:1960

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1960-54-0x0000000075A61000-0x0000000075A63000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1960-55-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/1960-58-0x00000000001B0000-0x00000000001B6000-memory.dmp

      Filesize

      24KB

      Download

    • memory/1960-59-0x00000000001B0000-0x00000000001B6000-memory.dmp

      Filesize

      24KB

      Download