locky | 62a60f11e2c96019ad01d1cbae35dc3b71a1bdac7bfd0a0f207d69487e11374c | Triage

Submit
Reports

Overview

overview

Static

static

1

Mars Steal...ed.exe

windows7-x64

Mars Steal...ed.exe

windows10-2004-x64

Sharing

General

Target

Mars Stealer 8 cracked.exe
Size

9.7MB
Sample

230415-g834ksdc87
MD5

2add5cd2d251750b6edbbcf9c618e2bd
SHA1

a167e4ef8c03e1c6b66fe75a9a61735eafd70cd8
SHA256

62a60f11e2c96019ad01d1cbae35dc3b71a1bdac7bfd0a0f207d69487e11374c
SHA512

ad7d5351de1698a6b60c0eeed13050dbefac2582300a9e4caf692d75b9507e15b2082d562d51df8ea0d79a0150b8de4464b2c92ea33386090dc9865e93133ca8
SSDEEP

196608:J2eeOCr4PpZVzx60Iwx2BbjDRog9AkczZtwc7V4IuSal:J2eZW4PpZVUy2p1z9Ar3wTIuSal

Score

10^/10

locky ransomware

Static task

static1

Behavioral task

behavioral1

Sample

Mars Stealer 8 cracked.exe

Resource

win7-20230220-en

locky ransomware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Mars Stealer 8 cracked.exe

Resource

win10v2004-20230220-en

locky ransomware

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  Mars Stealer 8 cracked.exe
- Size
  
  9.7MB
- MD5
  
  2add5cd2d251750b6edbbcf9c618e2bd
- SHA1
  
  a167e4ef8c03e1c6b66fe75a9a61735eafd70cd8
- SHA256
  
  62a60f11e2c96019ad01d1cbae35dc3b71a1bdac7bfd0a0f207d69487e11374c
- SHA512
  
  ad7d5351de1698a6b60c0eeed13050dbefac2582300a9e4caf692d75b9507e15b2082d562d51df8ea0d79a0150b8de4464b2c92ea33386090dc9865e93133ca8
- SSDEEP
  
  196608:J2eeOCr4PpZVzx60Iwx2BbjDRog9AkczZtwc7V4IuSal:J2eZW4PpZVUy2p1z9Ar3wTIuSal
Score

10^/10

locky ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockyransomware

© 2018-2024

Terms | Privacy