locky | ae09565a3928e43cf0df871ff58f59f601e715a4b57552ce45c30da08809828f | Triage

Sharing

General

Target

ae09565a3928e43cf0df871ff58f59f601e715a4b57552ce45c30da08809828f
Size

183KB
Sample

221204-2rrz7sch52
MD5

8a73a6b93c588d4589d8aeae4fb4fd20
SHA1

622fc0e75a1b560a3252508f47e452ba4df2c4f7
SHA256

ae09565a3928e43cf0df871ff58f59f601e715a4b57552ce45c30da08809828f
SHA512

e1257bcd5ce7c09ab7717c19f1127e473503cc3c2812a9ff9cf15f988fe275c18cfdf5bcdbf403a620a1da9b8529b8932701d64694eb01cd3a52e9a47fb23bcf
SSDEEP

3072:FfqtXFHwoFe2v9zIN45CbeZ9ZK1UYDtMpdMU5nKKlkkDZY0mdfbi4CWE/wW226F4:FfgFQoFekiVe3KjDtQdHKKa0pw7F4

Score

10^/10

locky ransomware

Malware Config

Targets

- Target
  
  ae09565a3928e43cf0df871ff58f59f601e715a4b57552ce45c30da08809828f
- Size
  
  183KB
- MD5
  
  8a73a6b93c588d4589d8aeae4fb4fd20
- SHA1
  
  622fc0e75a1b560a3252508f47e452ba4df2c4f7
- SHA256
  
  ae09565a3928e43cf0df871ff58f59f601e715a4b57552ce45c30da08809828f
- SHA512
  
  e1257bcd5ce7c09ab7717c19f1127e473503cc3c2812a9ff9cf15f988fe275c18cfdf5bcdbf403a620a1da9b8529b8932701d64694eb01cd3a52e9a47fb23bcf
- SSDEEP
  
  3072:FfqtXFHwoFe2v9zIN45CbeZ9ZK1UYDtMpdMU5nKKlkkDZY0mdfbi4CWE/wW226F4:FfgFQoFekiVe3KjDtQdHKKa0pw7F4
Score

10^/10

locky ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lockyransomware