locky | df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567 | Triage

Submit
Reports

Overview

overview

Static

static

df255af635...67.exe

windows7_x64

df255af635...67.exe

windows10-2004_x64

Sharing

General

Target

df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567.exe
Size

623KB
Sample

220701-xhjj9aaegk
MD5

c24a08bfeb09c9842b8e6578d7b0b721
SHA1

937a77b8ad27217b346922cb5513458542e3d390
SHA256

df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567
SHA512

42717c37604b41fff2bae91a22037f0e2b1d3514a8305d672595930f331a6a998d1a88741585413977ee81cd59ab155faf19ae654d229dc0256e30d71b222799

Score

10^/10

locky persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567.exe

Resource

win7-20220414-en

locky persistence ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567.exe

Resource

win10v2004-20220414-en

locky persistence ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567.exe
- Size
  
  623KB
- MD5
  
  c24a08bfeb09c9842b8e6578d7b0b721
- SHA1
  
  937a77b8ad27217b346922cb5513458542e3d390
- SHA256
  
  df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567
- SHA512
  
  42717c37604b41fff2bae91a22037f0e2b1d3514a8305d672595930f331a6a998d1a88741585413977ee81cd59ab155faf19ae654d229dc0256e30d71b222799
Score

10^/10

locky persistence ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockypersistenceransomware

behavioral2

lockypersistenceransomware

© 2018-2024

Terms | Privacy