locky | 359c8b210c85133c39e48b0ad41b8a28f215045420fb061348d9773ef33b7f2a | Triage

Submit
Reports

Overview

overview

Static

static

3

5a563e7b45...dd.exe

windows7-x64

5a563e7b45...dd.exe

windows10-2004-x64

Sharing

General

Target

5a563e7b4523310c4cacd24956ef84f0af27a3cb6457d662da1db29d48918add.zip
Size

526KB
Sample

240403-l7djracd69
MD5

68bde9599e594d70e5dc612efd073687
SHA1

65bd0838f40e985712b81738aba2b6fa5650dc55
SHA256

359c8b210c85133c39e48b0ad41b8a28f215045420fb061348d9773ef33b7f2a
SHA512

6c3701c2fae348bdb876e4d8feaa0816c467635d4c566c726276ba5032daa22d109d19ed8e9763af54b1490028e63f6519ddbc2c0818ffabcfa97eaa378c0c86
SSDEEP

12288:pCJ/cTO9APFvl8QShaBG5YnvVZVnQJQQV+qxKi20HHyN:pGcRPFWGBRDVWQ8PHHyN

Score

10^/10

locky ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5a563e7b4523310c4cacd24956ef84f0af27a3cb6457d662da1db29d48918add.exe

Resource

win7-20240221-en

locky ransomware

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

5a563e7b4523310c4cacd24956ef84f0af27a3cb6457d662da1db29d48918add.exe

Resource

win10v2004-20240226-en

locky ransomware

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  5a563e7b4523310c4cacd24956ef84f0af27a3cb6457d662da1db29d48918add
- Size
  
  576KB
- MD5
  
  79d57f8f54bade79046ec3848bf14642
- SHA1
  
  7f90f82dd95f688b7479501e72f06e462876f29e
- SHA256
  
  5a563e7b4523310c4cacd24956ef84f0af27a3cb6457d662da1db29d48918add
- SHA512
  
  a479858fd4a839eee155987e01f674c4e99ca0f64597a919eacfb156c24c5b4227f92d3fe13dc08e0c99cb385213bb2e6ec2c889948a14c6083f024449acdc70
- SSDEEP
  
  12288:q6GYxM5/3Wi748sx3JpXCcb6w8m8OfFSUzEC86FR/jiQSKXc:OYq5uigx7ycGpj8H8MJigc
Score

10^/10

locky ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Deletes itself
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Inhibit System Recovery

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockyransomware

© 2018-2024

Terms | Privacy