General
-
Target
21a0201874af80436dc0a36e5cbaf7da9b75217b3e39b712f3850729cf47deb6.bin
-
Size
372KB
-
Sample
220708-nsh7ssebf6
-
MD5
e3b3e285390c0e2f7d04bd040bec790d
-
SHA1
dbee71535e9f1fb23b3f01e25989d22d51237e68
-
SHA256
21a0201874af80436dc0a36e5cbaf7da9b75217b3e39b712f3850729cf47deb6
-
SHA512
6156a6b0ff4f41c823cba68a4596676e357ceb5b8c0848c2828a72321dbc2a731d9ae8f1a417fe27aef7de0080001ad3f77b3809b64a93c610ae99f95b35f5be
Static task
static1
Behavioral task
behavioral1
Sample
21a0201874af80436dc0a36e5cbaf7da9b75217b3e39b712f3850729cf47deb6.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
21a0201874af80436dc0a36e5cbaf7da9b75217b3e39b712f3850729cf47deb6.bin
-
Size
372KB
-
MD5
e3b3e285390c0e2f7d04bd040bec790d
-
SHA1
dbee71535e9f1fb23b3f01e25989d22d51237e68
-
SHA256
21a0201874af80436dc0a36e5cbaf7da9b75217b3e39b712f3850729cf47deb6
-
SHA512
6156a6b0ff4f41c823cba68a4596676e357ceb5b8c0848c2828a72321dbc2a731d9ae8f1a417fe27aef7de0080001ad3f77b3809b64a93c610ae99f95b35f5be
Score10/10-
Locky (Osiris variant)
Variant of the Locky ransomware seen in the wild since early 2017.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Adds Run key to start application
-
Drops file in System32 directory
-
Sets desktop wallpaper using registry
-