locky_lukitus | c6bb72e0a48fcf77920ddc48dd799f04a73ca287f56afb3dd5709725a67e8564 | Triage

Submit
Reports

Overview

overview

Static

static

3

3db3efc2a2...18.exe

windows7-x64

3db3efc2a2...18.exe

windows10-2004-x64

Sharing

General

Target

3db3efc2a27e1edecdb08cf55c71484b_JaffaCakes118
Size

520KB
Sample

240514-dws63agh4t
MD5

3db3efc2a27e1edecdb08cf55c71484b
SHA1

cd4dbef36d10e3c2454396d6301d88c20e0a73c4
SHA256

c6bb72e0a48fcf77920ddc48dd799f04a73ca287f56afb3dd5709725a67e8564
SHA512

f0ae1517a0926bce5956aef7e3c369f1d4d811bd42a692114825e92384f4e4b488f8fea046443c1a9839d420ab0ae6d66beaa6fb00a42e35ba3e3239bfd73f66
SSDEEP

12288:zVRm47ugq9QLXzNWVn4Fkl6BQ2yLhxPtIS4GudgBXllbXtdj:zVzzzjNO4FkUQ2yL7PtIdGudqlb9dj

Score

10^/10

locky_lukitus ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3db3efc2a27e1edecdb08cf55c71484b_JaffaCakes118.exe

Resource

win7-20240221-en

locky_lukitus ransomware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

3db3efc2a27e1edecdb08cf55c71484b_JaffaCakes118.exe

Resource

win10v2004-20240508-en

locky_lukitus ransomware

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  3db3efc2a27e1edecdb08cf55c71484b_JaffaCakes118
- Size
  
  520KB
- MD5
  
  3db3efc2a27e1edecdb08cf55c71484b
- SHA1
  
  cd4dbef36d10e3c2454396d6301d88c20e0a73c4
- SHA256
  
  c6bb72e0a48fcf77920ddc48dd799f04a73ca287f56afb3dd5709725a67e8564
- SHA512
  
  f0ae1517a0926bce5956aef7e3c369f1d4d811bd42a692114825e92384f4e4b488f8fea046443c1a9839d420ab0ae6d66beaa6fb00a42e35ba3e3239bfd73f66
- SSDEEP
  
  12288:zVRm47ugq9QLXzNWVn4Fkl6BQ2yLhxPtIS4GudgBXllbXtdj:zVzzzjNO4FkUQ2yL7PtIdGudqlb9dj
Score

10^/10

locky_lukitus ransomware
- Locky (Lukitus variant)
  Variant of the Locky ransomware seen in the wild since late 2017.
  ransomware locky_lukitus
- Deletes itself
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Resource Development

Reconnaissance

Tasks

static1

behavioral1

locky_lukitusransomware

behavioral2

locky_lukitusransomware

© 2018-2024

Terms | Privacy