Overview

overview

10

Static

static

b4f4563a23...27.exe

windows7_x64

10

b4f4563a23...27.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    1788s
  • max time network
    1795s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    28-06-2022 16:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b4f4563a23721d089518a924558c47221582c278bb7e5d040da2f0129f85df27.exe

  • Size

    186KB

  • MD5

    dba9a404a71358896100f9a294f7c9a3

  • SHA1

    b35ffd1545a4e37db71962e1f7c83e0f7d21f4d8

  • SHA256

    b4f4563a23721d089518a924558c47221582c278bb7e5d040da2f0129f85df27

  • SHA512

    7cfe3a3d7e6cf412b1f626a78e24d13b134b820a070222576469c1b5f59479af95ef184588fe1925e02218e5925b9afd6cfea45accf558c9947fb36e029555f7

Score
10/10
lockyransomwaresuricata

Malware Config

Signatures

  • Locky

    Ransomware strain released in 2016, with advanced features like anti-analysis.

    ransomwarelocky
  • suricata: ET MALWARE Ransomware Locky CnC Beacon

    suricata: ET MALWARE Ransomware Locky CnC Beacon

    suricata

Processes

  • C:\Users\Admin\AppData\Local\Temp\b4f4563a23721d089518a924558c47221582c278bb7e5d040da2f0129f85df27.exe
    "C:\Users\Admin\AppData\Local\Temp\b4f4563a23721d089518a924558c47221582c278bb7e5d040da2f0129f85df27.exe"
    1⤵
      PID:1960

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1960-54-0x0000000075A61000-0x0000000075A63000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1960-55-0x0000000000400000-0x0000000000434000-memory.dmp

      Filesize

      208KB

      Download

    • memory/1960-57-0x0000000000400000-0x0000000000434000-memory.dmp

      Filesize

      208KB

      Download