locky | 3a810cbad7296f83122c4a16b935a723d8019419069a55c939d93c246abed2ac | Triage

Submit
Reports

Overview

overview

Static

static

3a810cbad7...ac.exe

windows7_x64

3a810cbad7...ac.exe

windows10-2004_x64

Sharing

General

Target

3a810cbad7296f83122c4a16b935a723d8019419069a55c939d93c246abed2ac
Size

654KB
Sample

220712-dkmvxagcfp
MD5

693ef59145aa6b9e329f91538855ef64
SHA1

e3067d7c7227af026c0abfbdf7b417c4e294f380
SHA256

3a810cbad7296f83122c4a16b935a723d8019419069a55c939d93c246abed2ac
SHA512

3f0ad7a869823d63d1867f4bf2322e88a909324bab80e7e6d8906237db0aea669326030f16a337980681cfd94c86a955ccb2747ff41be0bf75da112a53693a6b

Score

10^/10

locky persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

3a810cbad7296f83122c4a16b935a723d8019419069a55c939d93c246abed2ac.exe

Resource

win7-20220414-en

locky ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3a810cbad7296f83122c4a16b935a723d8019419069a55c939d93c246abed2ac.exe

Resource

win10v2004-20220414-en

locky persistence ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3a810cbad7296f83122c4a16b935a723d8019419069a55c939d93c246abed2ac
- Size
  
  654KB
- MD5
  
  693ef59145aa6b9e329f91538855ef64
- SHA1
  
  e3067d7c7227af026c0abfbdf7b417c4e294f380
- SHA256
  
  3a810cbad7296f83122c4a16b935a723d8019419069a55c939d93c246abed2ac
- SHA512
  
  3f0ad7a869823d63d1867f4bf2322e88a909324bab80e7e6d8906237db0aea669326030f16a337980681cfd94c86a955ccb2747ff41be0bf75da112a53693a6b
Score

10^/10

locky ransomware persistence
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Inhibit System Recovery

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockypersistenceransomware

© 2018-2024

Terms | Privacy