Analysis

  • max time kernel
    141s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    13-07-2022 15:03

General

  • Target

    034af3eff0433d65fe171949f1c0f32d5ba246d468f3cf7826c42831a1ef4031.exe

  • Size

    98KB

  • MD5

    45f4c705c8f4351e925aea2eb0a7f564

  • SHA1

    dc04128fd3e916e56ce734c06ff39653c32ade50

  • SHA256

    034af3eff0433d65fe171949f1c0f32d5ba246d468f3cf7826c42831a1ef4031

  • SHA512

    a4462f7d98ef88e325aac54d1acffd4b8f174baa77efd58f85cdd145201a99e7b03f9ba6f25bdd25265714aa25070a26f72d18401de5463a91b3d21b47d17b13

Malware Config

Signatures

  • Locky

    Ransomware strain released in 2016, with advanced features like anti-analysis.

  • suricata: ET MALWARE Ransomware Locky CnC Beacon

    suricata: ET MALWARE Ransomware Locky CnC Beacon

Processes

  • C:\Users\Admin\AppData\Local\Temp\034af3eff0433d65fe171949f1c0f32d5ba246d468f3cf7826c42831a1ef4031.exe
    "C:\Users\Admin\AppData\Local\Temp\034af3eff0433d65fe171949f1c0f32d5ba246d468f3cf7826c42831a1ef4031.exe"
    1⤵
      PID:4464

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4464-130-0x0000000000780000-0x000000000079D000-memory.dmp

      Filesize

      116KB

    • memory/4464-131-0x0000000000780000-0x000000000079D000-memory.dmp

      Filesize

      116KB