General
-
Target
f6045c3d60fb2e0ddbb264cd61adc37736508471aa5b3881f2510ec36ea6c00f.bin
-
Size
329KB
-
Sample
220704-pvkdbahcfl
-
MD5
b99c2748e46c0f8ed8da08fd933e0d9f
-
SHA1
b86e4150446e189259db650270edcc02296b4ca5
-
SHA256
f6045c3d60fb2e0ddbb264cd61adc37736508471aa5b3881f2510ec36ea6c00f
-
SHA512
da239c429c2bc7e24f1a4ad1420d501a29e7abde4b89e474f290b4678d10a571c84b2cddb6994104ec2dc80d260122f3f8289e9113b2d0b54c483f249207167f
Static task
static1
Behavioral task
behavioral1
Sample
f6045c3d60fb2e0ddbb264cd61adc37736508471aa5b3881f2510ec36ea6c00f.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
f6045c3d60fb2e0ddbb264cd61adc37736508471aa5b3881f2510ec36ea6c00f.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
f6045c3d60fb2e0ddbb264cd61adc37736508471aa5b3881f2510ec36ea6c00f.bin
-
Size
329KB
-
MD5
b99c2748e46c0f8ed8da08fd933e0d9f
-
SHA1
b86e4150446e189259db650270edcc02296b4ca5
-
SHA256
f6045c3d60fb2e0ddbb264cd61adc37736508471aa5b3881f2510ec36ea6c00f
-
SHA512
da239c429c2bc7e24f1a4ad1420d501a29e7abde4b89e474f290b4678d10a571c84b2cddb6994104ec2dc80d260122f3f8289e9113b2d0b54c483f249207167f
Score10/10-
Locky (Osiris variant)
Variant of the Locky ransomware seen in the wild since early 2017.
-
suricata: ET MALWARE Locky CnC Checkin Dec 5 M1
suricata: ET MALWARE Locky CnC Checkin Dec 5 M1
-
suricata: ET MALWARE Locky CnC Checkin HTTP Pattern
suricata: ET MALWARE Locky CnC Checkin HTTP Pattern
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Adds Run key to start application
-
Sets desktop wallpaper using registry
-