locky | 4bc48b44a70845b1d9667fb7182f8fef848b821a9dbcff1c1de0cc9fc85bf2ed | Triage

Submit
Reports

Overview

overview

Static

static

1

Applicatio...75.zip

windows7-x64

1

Applicatio...75.zip

windows10-2004-x64

Sharing

General

Target

Application664a6b82cf275.zip
Size

72.8MB
Sample

240519-z23hksac71
MD5

6f7a65d8cc1d73d6377b7796e5aaf3c7
SHA1

8481c8d4b7dfafe086ac85b1cdc1222034fa0b11
SHA256

4bc48b44a70845b1d9667fb7182f8fef848b821a9dbcff1c1de0cc9fc85bf2ed
SHA512

b9ea40abdb98e75b48878fe8f14bdb93a7959efdb4f105e19f63a7686886477366dc01d309ab54247705d0911ab3c47be78cb6bc4e51d10066605bc77ca87a86
SSDEEP

1572864:mTW0tA7ochJ2Kufe5YDIoBxeb/weegXjmCGnnvzew62iZf35M+AL2FGIq1UkP:mTW0C77XbX5Ykobe0ezXjXcv363K+SP

Score

10^/10

locky stealc default ransomware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Application664a6b82cf275.zip

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Application664a6b82cf275.zip

Resource

win10v2004-20240508-en

locky stealc default ransomware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://147.45.47.71

Attributes

url_path
/eb6f29c6a60b3865.php

Targets

- Target
  
  Application664a6b82cf275.zip
- Size
  
  72.8MB
- MD5
  
  6f7a65d8cc1d73d6377b7796e5aaf3c7
- SHA1
  
  8481c8d4b7dfafe086ac85b1cdc1222034fa0b11
- SHA256
  
  4bc48b44a70845b1d9667fb7182f8fef848b821a9dbcff1c1de0cc9fc85bf2ed
- SHA512
  
  b9ea40abdb98e75b48878fe8f14bdb93a7959efdb4f105e19f63a7686886477366dc01d309ab54247705d0911ab3c47be78cb6bc4e51d10066605bc77ca87a86
- SSDEEP
  
  1572864:mTW0tA7ochJ2Kufe5YDIoBxeb/weegXjmCGnnvzew62iZf35M+AL2FGIq1UkP:mTW0C77XbX5Ykobe0ezXjXcv363K+SP
Score

10^/10

locky stealc default ransomware stealer
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

lockystealcdefaultransomwarestealer

© 2018-2024

Terms | Privacy