Overview

overview

10

Static

static

630501913e...06.exe

windows7_x64

10

630501913e...06.exe

windows10-2004_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    630501913e1797d2dd91c3441bfac4e0b9e5340a0c3fab018ac3d98136a14006

  • Size

    173KB

  • Sample

    220629-a9t4qsdfdn

  • MD5

    a8b2040f48ba52cab49117636185bdcb

  • SHA1

    084fd006c562cd0a6114018208948f8bfcd0a465

  • SHA256

    630501913e1797d2dd91c3441bfac4e0b9e5340a0c3fab018ac3d98136a14006

  • SHA512

    142d2d128494abf36f6d97590f6ec8881c7ddde559644b5281f8e65582550937192b2499c905285d2c4d0fc65b6e326cf781d917d688fa5e06ecfbdb7a8693df

Score
10/10
lockyransomware

Malware Config

Targets

    • Target

      630501913e1797d2dd91c3441bfac4e0b9e5340a0c3fab018ac3d98136a14006

    • Size

      173KB

    • MD5

      a8b2040f48ba52cab49117636185bdcb

    • SHA1

      084fd006c562cd0a6114018208948f8bfcd0a465

    • SHA256

      630501913e1797d2dd91c3441bfac4e0b9e5340a0c3fab018ac3d98136a14006

    • SHA512

      142d2d128494abf36f6d97590f6ec8881c7ddde559644b5281f8e65582550937192b2499c905285d2c4d0fc65b6e326cf781d917d688fa5e06ecfbdb7a8693df

    Score
    10/10
    lockyransomware

    • Locky

      Ransomware strain released in 2016, with advanced features like anti-analysis.

      ransomwarelocky

    • Deletes itself

    • Loads dropped DLL

    • Sets desktop wallpaper using registry

      ransomware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks