General

  • Target

    81ad0943b90b4dedbb6fd76278055c84

  • Size

    1.7MB

  • Sample

    231226-wcyxbadah7

  • MD5

    81ad0943b90b4dedbb6fd76278055c84

  • SHA1

    4ba545ae626fcaba16ad4cbd8a0c2417c2b8db6f

  • SHA256

    59e95c1c9dffd0f2b5a5b8a05b7e0f63d2d1582a582b0d11a399b0ca98816f83

  • SHA512

    cacba5f3443da58c02e3cc39ac7a9c18699dc9ad5c0c51b547a5bdcd0a29552acbd5f5ead821d5d9fa2651cc4a38eb442f2dded06bf3217d1bddd682171a2703

  • SSDEEP

    24576:1AHnh+eWsN3skA4RV1Hom2KXMmHaWh/BRg+Z7UDf0cGbiKdT/ZhGdx3rTERdjrb6:kh+ZkldoPK8YaWh/Ybr0j+KdThQbkzu

Score
10/10

Malware Config

Targets

    • Locky

      Ransomware strain released in 2016, with advanced features like anti-analysis.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 1

  • Peripheral Device Discovery (T1120): 1

  • System Information Discovery (T1082): 1

Tasks