locky_lukitus | 3315a2d5e721d5651480de71849f677a1a8ee2d4c2d7118053f02c71fb580b23 | Triage

Submit
Reports

Overview

overview

Static

static

3

75f0638e40...18.exe

windows7-x64

75f0638e40...18.exe

windows10-2004-x64

Sharing

General

Target

75f0638e40cb937d9a553eb08b57d54c_JaffaCakes118
Size

599KB
Sample

240526-syq7taca97
MD5

75f0638e40cb937d9a553eb08b57d54c
SHA1

90ee61f64291bc6ae80abed380c21ce335662d72
SHA256

3315a2d5e721d5651480de71849f677a1a8ee2d4c2d7118053f02c71fb580b23
SHA512

4d837e332f1c66d971076a66b29bddf66e7e01c483598973869db0ad058ccdf3d8ee696979fa1f38d6dddf3fee3bc70ee4254a485d336738f63e2ceabb0f135c
SSDEEP

12288:XCHtHX2MoozEXPSL85ZGdVcbxdGnu+QF2O79niSCWPJxXvhFc3wGclt:XCHtHKsEXPMQYcbGnk/7FiSZPJRhRD

Score

10^/10

locky_lukitus ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

75f0638e40cb937d9a553eb08b57d54c_JaffaCakes118.exe

Resource

win7-20240221-en

locky_lukitus ransomware

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

75f0638e40cb937d9a553eb08b57d54c_JaffaCakes118.exe

Resource

win10v2004-20240508-en

locky_lukitus ransomware

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  75f0638e40cb937d9a553eb08b57d54c_JaffaCakes118
- Size
  
  599KB
- MD5
  
  75f0638e40cb937d9a553eb08b57d54c
- SHA1
  
  90ee61f64291bc6ae80abed380c21ce335662d72
- SHA256
  
  3315a2d5e721d5651480de71849f677a1a8ee2d4c2d7118053f02c71fb580b23
- SHA512
  
  4d837e332f1c66d971076a66b29bddf66e7e01c483598973869db0ad058ccdf3d8ee696979fa1f38d6dddf3fee3bc70ee4254a485d336738f63e2ceabb0f135c
- SSDEEP
  
  12288:XCHtHX2MoozEXPSL85ZGdVcbxdGnu+QF2O79niSCWPJxXvhFc3wGclt:XCHtHKsEXPMQYcbGnk/7FiSZPJRhRD
Score

10^/10

locky_lukitus ransomware
- Locky (Lukitus variant)
  Variant of the Locky ransomware seen in the wild since late 2017.
  ransomware locky_lukitus
- Deletes itself
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Resource Development

Reconnaissance

Tasks

static1

behavioral1

locky_lukitusransomware

behavioral2

locky_lukitusransomware

© 2018-2024

Terms | Privacy