locky | b70cd51a8dcc9e0d2e6478e28d715b836a0fa25d72ba1a7329efd2f02e2ab463 | Triage

Submit
Reports

Overview

overview

Static

static

3

b70cd51a8d...63.dll

windows7-x64

b70cd51a8d...63.dll

windows10-2004-x64

Sharing

General

Target

b70cd51a8dcc9e0d2e6478e28d715b836a0fa25d72ba1a7329efd2f02e2ab463
Size

156KB
Sample

240424-yxkarsgf7y
MD5

17335dec0444e9d28eb598a43dfd7597
SHA1

64b02895625770dbaa63448e0add4aaa4421059a
SHA256

b70cd51a8dcc9e0d2e6478e28d715b836a0fa25d72ba1a7329efd2f02e2ab463
SHA512

b8c282b7aaca67d90802439f65e4811c092343afebcffb03b5357d002917422dd29e43c7296279ae4562e49f044eefae6ab7aca94bfc7cb6128a804090b4e2b3
SSDEEP

3072:V1k7CoJRaj4TJbVbYU7RgnFJjBnCjc9UPN:VKjXT/aMQg

Score

10^/10

locky ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b70cd51a8dcc9e0d2e6478e28d715b836a0fa25d72ba1a7329efd2f02e2ab463.dll

Resource

win7-20240221-en

locky ransomware

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

b70cd51a8dcc9e0d2e6478e28d715b836a0fa25d72ba1a7329efd2f02e2ab463.dll

Resource

win10v2004-20240412-en

locky ransomware

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  b70cd51a8dcc9e0d2e6478e28d715b836a0fa25d72ba1a7329efd2f02e2ab463
- Size
  
  156KB
- MD5
  
  17335dec0444e9d28eb598a43dfd7597
- SHA1
  
  64b02895625770dbaa63448e0add4aaa4421059a
- SHA256
  
  b70cd51a8dcc9e0d2e6478e28d715b836a0fa25d72ba1a7329efd2f02e2ab463
- SHA512
  
  b8c282b7aaca67d90802439f65e4811c092343afebcffb03b5357d002917422dd29e43c7296279ae4562e49f044eefae6ab7aca94bfc7cb6128a804090b4e2b3
- SSDEEP
  
  3072:V1k7CoJRaj4TJbVbYU7RgnFJjBnCjc9UPN:VKjXT/aMQg
Score

10^/10

locky ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Defacement

Resource Development

Reconnaissance

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockyransomware

© 2018-2024

Terms | Privacy