Overview

overview

10

Static

static

3

305fb326b1...18.exe

windows7-x64

10

305fb326b1...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    305fb326b1906e92a4c31f5c64825cef_JaffaCakes118

  • Size

    330KB

  • Sample

    240510-wq19ladd89

  • MD5

    305fb326b1906e92a4c31f5c64825cef

  • SHA1

    f6948a54ebb7d5a9967e48522f7f427a15911ebb

  • SHA256

    4c663be2abf9417d8160f68982f0d8b9907afdcc51838e72185a8f7738f99e51

  • SHA512

    d1f7ccb092051292bfe84d94ffd78789e8fcf6ac910ad0321a5edbc07f187b06f38ab3bea2304f7e52d6e63dc05f09234f1da84df1aa0f0785b87e3474f4718b

  • SSDEEP

    6144:7apl2BRuSZIGjF19erC8cGP3ry/IstViG3t7l:m2BRFtorc4UIstVV3t7l

Score
10/10
lockylocky_osirisransomware

Malware Config

Targets

    • Target

      305fb326b1906e92a4c31f5c64825cef_JaffaCakes118

    • Size

      330KB

    • MD5

      305fb326b1906e92a4c31f5c64825cef

    • SHA1

      f6948a54ebb7d5a9967e48522f7f427a15911ebb

    • SHA256

      4c663be2abf9417d8160f68982f0d8b9907afdcc51838e72185a8f7738f99e51

    • SHA512

      d1f7ccb092051292bfe84d94ffd78789e8fcf6ac910ad0321a5edbc07f187b06f38ab3bea2304f7e52d6e63dc05f09234f1da84df1aa0f0785b87e3474f4718b

    • SSDEEP

      6144:7apl2BRuSZIGjF19erC8cGP3ry/IstViG3t7l:m2BRFtorc4UIstVV3t7l

    Score
    10/10
    lockylocky_osirisransomware

    • Locky

      Ransomware strain released in 2016, with advanced features like anti-analysis.

      ransomwarelocky

    • Locky (Osiris variant)

      Variant of the Locky ransomware seen in the wild since early 2017.

      ransomwarelocky_osiris

    • Deletes itself

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks