Analysis

  • max time kernel
    9s
  • max time network
    14s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220901-en locale:en-us os:windows10-2004-x64 system
  • submitted
    22-10-2022 15:43

General

  • Target

    6edd491c388060704121265e17ed11050f23f6076b11fa3da236139282810d04.exe

  • Size

    180KB

  • MD5

    f63462259d9fbe411e276f137bcb74d4

  • SHA1

    5dc4433eedfa45bfd78ce002f92bd9cd47f30d71

  • SHA256

    6edd491c388060704121265e17ed11050f23f6076b11fa3da236139282810d04

  • SHA512

    5590a2c49a9d7d11077c706c3f57f97e87f6cb62623667ce8bb97c5c4315dc3b2320b0c87370e02e64c92dedc72e3cfd8c5059bf42103dccc06be8db86a676d6

  • SSDEEP

    3072:fqY3Liftb254e+k9PYzMZA42/b0+P1SzdKIrOgPM1uQuO/dNcuNM3aws:v/yiYzMZhKb0+tSzdK6OgU1UO/dNcAQC

Score
10/10

Malware Config

Signatures

  • Locky

    Ransomware strain released in 2016, with advanced features like anti-analysis.

Processes

  • C:\Users\Admin\AppData\Local\Temp\6edd491c388060704121265e17ed11050f23f6076b11fa3da236139282810d04.exe
    "C:\Users\Admin\AppData\Local\Temp\6edd491c388060704121265e17ed11050f23f6076b11fa3da236139282810d04.exe"
    1⤵
      PID:5008

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/5008-132-0x00000000006E0000-0x00000000006E6000-memory.dmp
      Filesize

      24KB

    • memory/5008-133-0x0000000000400000-0x000000000044A000-memory.dmp
      Filesize

      296KB