locky | 6de6b709771cde587b9bd92b137729fd7308fc852b85518a48e3c09ad1d9612d | Triage

Submit
Reports

Overview

overview

Static

static

1

sample.html

windows11-21h2-x64

Resubmissions

01-03-2024 15:36

240301-s15g8ahe28 10

01-03-2024 15:33

240301-szaw8ahd78 1

Sharing

General

Target

sample
Size

1KB
Sample

240301-s15g8ahe28
MD5

f240f2cb0b7928f9900640b907a261c4
SHA1

c30214e3c3703fa5ff852b2e61b3ca3329acb994
SHA256

6de6b709771cde587b9bd92b137729fd7308fc852b85518a48e3c09ad1d9612d
SHA512

9f6b7bac8bb0ad260555ac535dc1142d857bd709f19ff730ece5989948c59aaaf0cc5c83077a6d654e77aaee34c666414c94f2321cbbba65a3f57e065109ecbe

Score

10^/10

locky discovery ransomware spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

sample.html

Resource

win11-20240221-en

locky discovery ransomware spyware stealer

windows11-21h2-x64

21 signatures

1800 seconds

Malware Config

Targets

- Target
  
  sample
- Size
  
  1KB
- MD5
  
  f240f2cb0b7928f9900640b907a261c4
- SHA1
  
  c30214e3c3703fa5ff852b2e61b3ca3329acb994
- SHA256
  
  6de6b709771cde587b9bd92b137729fd7308fc852b85518a48e3c09ad1d9612d
- SHA512
  
  9f6b7bac8bb0ad260555ac535dc1142d857bd709f19ff730ece5989948c59aaaf0cc5c83077a6d654e77aaee34c666414c94f2321cbbba65a3f57e065109ecbe
Score

10^/10

locky discovery ransomware spyware stealer
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

lockydiscoveryransomwarespywarestealer

© 2018-2024

Terms | Privacy