locky | 21a77e00627ddd6541f559651be67482ce29b079969379038b5ea5424c275cab | Triage

Submit
Reports

Overview

overview

Static

static

3

38bd1d49f8...18.dll

windows7-x64

38bd1d49f8...18.dll

windows10-2004-x64

Sharing

General

Target

38bd1d49f88201a9a6a92ae3f65559c0_JaffaCakes118
Size

141KB
Sample

240512-ha6mgsch41
MD5

38bd1d49f88201a9a6a92ae3f65559c0
SHA1

010847f30975fbac9a45ffc6e70ed640614e4852
SHA256

21a77e00627ddd6541f559651be67482ce29b079969379038b5ea5424c275cab
SHA512

4ff916f7ea78fbd0c0fbb663dc53d8a6060fae819a7f0da09d114d832dde1634943cb603787954fdb0a5fbae20bcc0a2d29157f7b7a1139c8f41424a655db858
SSDEEP

3072:CoXnIzY4t5wotjf6VVD2fghuM8/GlAALeHy3dYZGcZhwn:CoiYoy4inD2fDMCGlTOqYUcXwn

Score

10^/10

locky ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

38bd1d49f88201a9a6a92ae3f65559c0_JaffaCakes118.dll

Resource

win7-20240508-en

locky ransomware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

38bd1d49f88201a9a6a92ae3f65559c0_JaffaCakes118.dll

Resource

win10v2004-20240508-en

locky ransomware

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  38bd1d49f88201a9a6a92ae3f65559c0_JaffaCakes118
- Size
  
  141KB
- MD5
  
  38bd1d49f88201a9a6a92ae3f65559c0
- SHA1
  
  010847f30975fbac9a45ffc6e70ed640614e4852
- SHA256
  
  21a77e00627ddd6541f559651be67482ce29b079969379038b5ea5424c275cab
- SHA512
  
  4ff916f7ea78fbd0c0fbb663dc53d8a6060fae819a7f0da09d114d832dde1634943cb603787954fdb0a5fbae20bcc0a2d29157f7b7a1139c8f41424a655db858
- SSDEEP
  
  3072:CoXnIzY4t5wotjf6VVD2fghuM8/GlAALeHy3dYZGcZhwn:CoiYoy4inD2fDMCGlTOqYUcXwn
Score

10^/10

locky ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Blocklisted process makes network request
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockyransomware

behavioral2

lockyransomware

© 2018-2024

Terms | Privacy