Overview

overview

10

Static

static

3

230606dd8b...18.exe

windows7-x64

10

230606dd8b...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    230606dd8b0d62e2a8a04ef61b2d8707_JaffaCakes118

  • Size

    660KB

  • Sample

    240508-d5ttysbb99

  • MD5

    230606dd8b0d62e2a8a04ef61b2d8707

  • SHA1

    5c50cdad090de913d0c87edeb392c8df1af9f5c3

  • SHA256

    5bf84469051c85bd684e03eb46f774cb1e913884c95acf7b210a8a4469da8d9f

  • SHA512

    188e08205a38730057c63753451784a499657380cb0384e7d7f9ed9b5c3d60aad8daeae47e125ab22fd23357920bfd79a69423c5f9d733269160a2a7331df77d

  • SSDEEP

    12288:lMtWh23Ks1mQnWattmsbMVSH05SxQiEQ9jmE56:lMtP3p0RzYa+E

Score
10/10
locky_lukitusransomware

Malware Config

Targets

    • Target

      230606dd8b0d62e2a8a04ef61b2d8707_JaffaCakes118

    • Size

      660KB

    • MD5

      230606dd8b0d62e2a8a04ef61b2d8707

    • SHA1

      5c50cdad090de913d0c87edeb392c8df1af9f5c3

    • SHA256

      5bf84469051c85bd684e03eb46f774cb1e913884c95acf7b210a8a4469da8d9f

    • SHA512

      188e08205a38730057c63753451784a499657380cb0384e7d7f9ed9b5c3d60aad8daeae47e125ab22fd23357920bfd79a69423c5f9d733269160a2a7331df77d

    • SSDEEP

      12288:lMtWh23Ks1mQnWattmsbMVSH05SxQiEQ9jmE56:lMtP3p0RzYa+E

    Score
    10/10
    locky_lukitusransomware

    • Locky (Lukitus variant)

      Variant of the Locky ransomware seen in the wild since late 2017.

      ransomwarelocky_lukitus

    • Deletes itself

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

1
T1491

Resource Development

Reconnaissance

Tasks