locky_lukitus | 0d0ec7cc3b6c9ca1251cfb8672cd4e9c68080f7f0a67ad17357f62a9fd4aea5d | Triage

Submit
Reports

Overview

overview

Static

static

3

40ebefdec6...18.exe

windows7-x64

40ebefdec6...18.exe

windows10-2004-x64

Sharing

General

Target

40ebefdec6870263827ce6425702e785_JaffaCakes118
Size

654KB
Sample

240514-kt64gahg78
MD5

40ebefdec6870263827ce6425702e785
SHA1

6eeb5a2e81f54e1eec1eb7af2ed621504011065b
SHA256

0d0ec7cc3b6c9ca1251cfb8672cd4e9c68080f7f0a67ad17357f62a9fd4aea5d
SHA512

62e1f05949536d7ac5ae878c5eff25dda11cb44073c27d93a203b39fd029664b17966c60a047bf7a3345ab0bee99548b589fef20e8257c8351c18fbd6459c54d
SSDEEP

12288:/jmKnV9Lv7w9/X/cqujXisFagbSn7Iu+Oyj6IS4fGY9+HcmH:/xnfS/XfuDisAgbeUup4OY9+F

Score

10^/10

locky_lukitus ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

40ebefdec6870263827ce6425702e785_JaffaCakes118.exe

Resource

win7-20240215-en

locky_lukitus ransomware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

40ebefdec6870263827ce6425702e785_JaffaCakes118.exe

Resource

win10v2004-20240426-en

locky_lukitus ransomware

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  40ebefdec6870263827ce6425702e785_JaffaCakes118
- Size
  
  654KB
- MD5
  
  40ebefdec6870263827ce6425702e785
- SHA1
  
  6eeb5a2e81f54e1eec1eb7af2ed621504011065b
- SHA256
  
  0d0ec7cc3b6c9ca1251cfb8672cd4e9c68080f7f0a67ad17357f62a9fd4aea5d
- SHA512
  
  62e1f05949536d7ac5ae878c5eff25dda11cb44073c27d93a203b39fd029664b17966c60a047bf7a3345ab0bee99548b589fef20e8257c8351c18fbd6459c54d
- SSDEEP
  
  12288:/jmKnV9Lv7w9/X/cqujXisFagbSn7Iu+Oyj6IS4fGY9+HcmH:/xnfS/XfuDisAgbeUup4OY9+F
Score

10^/10

locky_lukitus ransomware
- Locky (Lukitus variant)
  Variant of the Locky ransomware seen in the wild since late 2017.
  ransomware locky_lukitus
- Deletes itself
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Resource Development

Reconnaissance

Tasks

static1

behavioral1

locky_lukitusransomware

behavioral2

locky_lukitusransomware

© 2018-2024

Terms | Privacy