locky | 5e945c1d27c9ad77a2b63ae10af46aee7d29a6a43605a9bfbf35cebbcff184d8 | Triage

Sharing

General

Target

5e945c1d27c9ad77a2b63ae10af46aee7d29a6a43605a9bfbf35cebbcff184d8.bin
Size

204KB
Sample

220713-r94rlsfgcl
MD5

e1a9b6f7285a85e682ebcad028472d13
SHA1

1347b810ac90c13154908f7cf45b11913c182e44
SHA256

5e945c1d27c9ad77a2b63ae10af46aee7d29a6a43605a9bfbf35cebbcff184d8
SHA512

35e6adb72faba256c94a7abe205ff14752f46c830292905e24605a479d15b6aa6b4ccfcc6d4937dfad8698cfa8da4a4cd68b38ded5c14ed24127f605c6fe6874

Score

10^/10

locky ransomware

Malware Config

Targets

- Target
  
  5e945c1d27c9ad77a2b63ae10af46aee7d29a6a43605a9bfbf35cebbcff184d8.bin
- Size
  
  204KB
- MD5
  
  e1a9b6f7285a85e682ebcad028472d13
- SHA1
  
  1347b810ac90c13154908f7cf45b11913c182e44
- SHA256
  
  5e945c1d27c9ad77a2b63ae10af46aee7d29a6a43605a9bfbf35cebbcff184d8
- SHA512
  
  35e6adb72faba256c94a7abe205ff14752f46c830292905e24605a479d15b6aa6b4ccfcc6d4937dfad8698cfa8da4a4cd68b38ded5c14ed24127f605c6fe6874
Score

10^/10

locky ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lockyransomware