locky_lukitus | a4bb7f498946155aaf1f6724dc6c37b7a149a369d4e5af724f3794c34629f371 | Triage

Submit
Reports

Overview

overview

Static

static

3

2c163be10c...18.exe

windows7-x64

2c163be10c...18.exe

windows10-2004-x64

Sharing

General

Target

2c163be10c2dcd9b96243bd8175889d4_JaffaCakes118
Size

659KB
Sample

240509-2pr77aba41
MD5

2c163be10c2dcd9b96243bd8175889d4
SHA1

d086fe8bbd8b7129d89dc1cfcb8a8175a6445b29
SHA256

a4bb7f498946155aaf1f6724dc6c37b7a149a369d4e5af724f3794c34629f371
SHA512

350f8c56929d87d0caa0993c5b6a6a2e6d9f7d753ad5e94a36538fbf2b5669c3dadba0866d22d1d5f8f4be6a4eae82672cd5ed378535c07c7e51c88e4e5b436f
SSDEEP

12288:DBBph23Ks1mQnWattmsbMVSH05SxQiEQ9jmE56:DBBK3p0RzYa+E

Score

10^/10

locky_lukitus ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2c163be10c2dcd9b96243bd8175889d4_JaffaCakes118.exe

Resource

win7-20240508-en

locky_lukitus ransomware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

2c163be10c2dcd9b96243bd8175889d4_JaffaCakes118.exe

Resource

win10v2004-20240508-en

locky_lukitus ransomware

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  2c163be10c2dcd9b96243bd8175889d4_JaffaCakes118
- Size
  
  659KB
- MD5
  
  2c163be10c2dcd9b96243bd8175889d4
- SHA1
  
  d086fe8bbd8b7129d89dc1cfcb8a8175a6445b29
- SHA256
  
  a4bb7f498946155aaf1f6724dc6c37b7a149a369d4e5af724f3794c34629f371
- SHA512
  
  350f8c56929d87d0caa0993c5b6a6a2e6d9f7d753ad5e94a36538fbf2b5669c3dadba0866d22d1d5f8f4be6a4eae82672cd5ed378535c07c7e51c88e4e5b436f
- SSDEEP
  
  12288:DBBph23Ks1mQnWattmsbMVSH05SxQiEQ9jmE56:DBBK3p0RzYa+E
Score

10^/10

locky_lukitus ransomware
- Locky (Lukitus variant)
  Variant of the Locky ransomware seen in the wild since late 2017.
  ransomware locky_lukitus
- Deletes itself
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

locky_lukitusransomware

behavioral2

locky_lukitusransomware

© 2018-2024

Terms | Privacy