General

  • Target

    df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567.exe

  • Size

    623KB

  • Sample

    220703-l2mkgaeedr

  • MD5

    c24a08bfeb09c9842b8e6578d7b0b721

  • SHA1

    937a77b8ad27217b346922cb5513458542e3d390

  • SHA256

    df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567

  • SHA512

    42717c37604b41fff2bae91a22037f0e2b1d3514a8305d672595930f331a6a998d1a88741585413977ee81cd59ab155faf19ae654d229dc0256e30d71b222799

Malware Config

Targets

    • Target

      df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567.exe

    • Size

      623KB

    • MD5

      c24a08bfeb09c9842b8e6578d7b0b721

    • SHA1

      937a77b8ad27217b346922cb5513458542e3d390

    • SHA256

      df255af635a2dde04c031db95862f11e1bf44fe5cfc10d3b20bd4678ed818567

    • SHA512

      42717c37604b41fff2bae91a22037f0e2b1d3514a8305d672595930f331a6a998d1a88741585413977ee81cd59ab155faf19ae654d229dc0256e30d71b222799

    • Locky

      Ransomware strain released in 2016, with advanced features like anti-analysis.

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Adds Run key to start application

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v6

Tasks