locky | 216c144dc51c315c220864dbba672932664eb031b63bc779bf5b35fb9fa239db | Triage

Submit
Reports

Overview

overview

Static

static

3

216c144dc5...db.dll

windows7-x64

216c144dc5...db.dll

windows10-2004-x64

Sharing

General

Target

216c144dc51c315c220864dbba672932664eb031b63bc779bf5b35fb9fa239db
Size

127KB
Sample

240424-q81swsbb51
MD5

be1377d90fdeeb0bff1da2a19c3c6d07
SHA1

e3bb515c055fecee1fd2c7a6c444a8e5a0465044
SHA256

216c144dc51c315c220864dbba672932664eb031b63bc779bf5b35fb9fa239db
SHA512

79495f17bb10e7c4da026edcbc065cb6e681736ddff2cacbe61956f4e86c286dba22044284365985b43e079292b06edf296dc1ade608d2d2631d94d9b65c4d7e
SSDEEP

3072:imFa0hGJ5yhppWMy7qWrH4CJWA+26begdDywQp3LnnBphg:wMUARQnr6X26fDvMbnB0

Score

10^/10

locky ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

216c144dc51c315c220864dbba672932664eb031b63bc779bf5b35fb9fa239db.dll

Resource

win7-20240215-en

locky ransomware

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

216c144dc51c315c220864dbba672932664eb031b63bc779bf5b35fb9fa239db.dll

Resource

win10v2004-20240412-en

locky ransomware

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  216c144dc51c315c220864dbba672932664eb031b63bc779bf5b35fb9fa239db
- Size
  
  127KB
- MD5
  
  be1377d90fdeeb0bff1da2a19c3c6d07
- SHA1
  
  e3bb515c055fecee1fd2c7a6c444a8e5a0465044
- SHA256
  
  216c144dc51c315c220864dbba672932664eb031b63bc779bf5b35fb9fa239db
- SHA512
  
  79495f17bb10e7c4da026edcbc065cb6e681736ddff2cacbe61956f4e86c286dba22044284365985b43e079292b06edf296dc1ade608d2d2631d94d9b65c4d7e
- SSDEEP
  
  3072:imFa0hGJ5yhppWMy7qWrH4CJWA+26begdDywQp3LnnBphg:wMUARQnr6X26fDvMbnB0
Score

10^/10

locky ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Inhibit System Recovery

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockyransomware

© 2018-2024

Terms | Privacy