locky_lukitus | cefb526d4067694c034c8c578b38d3ce68fdb56f10025dfa30f39f0556286d15 | Triage

Submit
Reports

Overview

overview

Static

static

3

45021a1a15...18.exe

windows7-x64

45021a1a15...18.exe

windows10-2004-x64

Sharing

General

Target

45021a1a159dea9952ad3494b8d49852_JaffaCakes118
Size

520KB
Sample

240515-hs6p7sec83
MD5

45021a1a159dea9952ad3494b8d49852
SHA1

9d410c919a965b80ce451b8565286d2f9de05b23
SHA256

cefb526d4067694c034c8c578b38d3ce68fdb56f10025dfa30f39f0556286d15
SHA512

c426327ba46ff80c2c943e41fe2417fb2dd2628f9a2431d1bcae390fe6b7fe53891f40436b3cdd8a661b5f954f7763bbc737225360bc29ca16da00fc1efdf83a
SSDEEP

12288:zVRm47ugq9QLXzNWVn4Fkl6BQ2yLhxPtIS4GudgBXllbXtdj:zVzzzjNO4FkUQ2yL7PtIdGudqlb9dj

Score

10^/10

locky_lukitus ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

45021a1a159dea9952ad3494b8d49852_JaffaCakes118.exe

Resource

win7-20240221-en

locky_lukitus ransomware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

45021a1a159dea9952ad3494b8d49852_JaffaCakes118.exe

Resource

win10v2004-20240426-en

locky_lukitus ransomware

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  45021a1a159dea9952ad3494b8d49852_JaffaCakes118
- Size
  
  520KB
- MD5
  
  45021a1a159dea9952ad3494b8d49852
- SHA1
  
  9d410c919a965b80ce451b8565286d2f9de05b23
- SHA256
  
  cefb526d4067694c034c8c578b38d3ce68fdb56f10025dfa30f39f0556286d15
- SHA512
  
  c426327ba46ff80c2c943e41fe2417fb2dd2628f9a2431d1bcae390fe6b7fe53891f40436b3cdd8a661b5f954f7763bbc737225360bc29ca16da00fc1efdf83a
- SSDEEP
  
  12288:zVRm47ugq9QLXzNWVn4Fkl6BQ2yLhxPtIS4GudgBXllbXtdj:zVzzzjNO4FkUQ2yL7PtIdGudqlb9dj
Score

10^/10

locky_lukitus ransomware
- Locky (Lukitus variant)
  Variant of the Locky ransomware seen in the wild since late 2017.
  ransomware locky_lukitus
- Deletes itself
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Resource Development

Reconnaissance

Tasks

static1

behavioral1

locky_lukitusransomware

behavioral2

locky_lukitusransomware

© 2018-2024

Terms | Privacy