Overview

overview

10

Static

static

5d789e79aa...c8.exe

windows7-x64

10

5d789e79aa...c8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5d789e79aa723ebc576297623719d78211bc3bb61bb04af2556e59dfacf61cc8

  • Size

    189KB

  • Sample

    220731-3b3bnsdghq

  • MD5

    310fa3e9f8e0785c50b14da66d8fe8b9

  • SHA1

    b51afedfa3f3875665322fb0af10f0e85ab6c3ee

  • SHA256

    5d789e79aa723ebc576297623719d78211bc3bb61bb04af2556e59dfacf61cc8

  • SHA512

    ab3677c29fe6033efb503980583c9fa0133af730db95e9e87545a418aca135c74322e56e8500b97832d4db9db91a647c5f59d405cb89815816b58bfed5fd423e

Score
10/10
lockyransomware

Malware Config

Targets

    • Target

      5d789e79aa723ebc576297623719d78211bc3bb61bb04af2556e59dfacf61cc8

    • Size

      189KB

    • MD5

      310fa3e9f8e0785c50b14da66d8fe8b9

    • SHA1

      b51afedfa3f3875665322fb0af10f0e85ab6c3ee

    • SHA256

      5d789e79aa723ebc576297623719d78211bc3bb61bb04af2556e59dfacf61cc8

    • SHA512

      ab3677c29fe6033efb503980583c9fa0133af730db95e9e87545a418aca135c74322e56e8500b97832d4db9db91a647c5f59d405cb89815816b58bfed5fd423e

    Score
    10/10
    lockyransomware

    • Locky

      Ransomware strain released in 2016, with advanced features like anti-analysis.

      ransomwarelocky

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks