Overview

overview

10

Static

static

3

683cf9bccc...18.exe

windows7-x64

10

683cf9bccc...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    683cf9bccccf3ab30d8655e0fc3996f6_JaffaCakes118

  • Size

    615KB

  • Sample

    240522-xb4lvacd99

  • MD5

    683cf9bccccf3ab30d8655e0fc3996f6

  • SHA1

    cce97b2446f962df6df17785bcbae3d8283cf523

  • SHA256

    73cd7a019317b2cabbe269e5afc88b1fcd0508797a7eef4e9f9d3cdc1840fb4d

  • SHA512

    4d7a45db319a9e3f5fe14720b9bf2079a128167e5bdbd7ea19a2b5649b215c89076a1fb3a7ff51fdad327702001c02e24add3f2e85ec977140d883b663a88135

  • SSDEEP

    12288:HBRpTekU9TDkYwXkqqem+1tom7OxiWwHI1DRJ5hTBH41CXYXHSe2:HVTLUJQua2wo1DRJX1shHF

Score
10/10
locky_lukitusransomware

Malware Config

Targets

    • Target

      683cf9bccccf3ab30d8655e0fc3996f6_JaffaCakes118

    • Size

      615KB

    • MD5

      683cf9bccccf3ab30d8655e0fc3996f6

    • SHA1

      cce97b2446f962df6df17785bcbae3d8283cf523

    • SHA256

      73cd7a019317b2cabbe269e5afc88b1fcd0508797a7eef4e9f9d3cdc1840fb4d

    • SHA512

      4d7a45db319a9e3f5fe14720b9bf2079a128167e5bdbd7ea19a2b5649b215c89076a1fb3a7ff51fdad327702001c02e24add3f2e85ec977140d883b663a88135

    • SSDEEP

      12288:HBRpTekU9TDkYwXkqqem+1tom7OxiWwHI1DRJ5hTBH41CXYXHSe2:HVTLUJQua2wo1DRJX1shHF

    Score
    10/10
    locky_lukitusransomware

    • Locky (Lukitus variant)

      Variant of the Locky ransomware seen in the wild since late 2017.

      ransomwarelocky_lukitus

    • Deletes itself

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

1
T1491

Resource Development

Reconnaissance

Tasks