locky_lukitus | 7901ebd5dd0b9ab60dab39754ae62dcca413b4d3a6a2120af442bab86b3395f8 | Triage

Submit
Reports

Overview

overview

Static

static

3

779df3e9d2...18.exe

windows7-x64

779df3e9d2...18.exe

windows10-2004-x64

Sharing

General

Target

779df3e9d22b688c2483a16130d3887c_JaffaCakes118
Size

615KB
Sample

240527-czmm1sdb4w
MD5

779df3e9d22b688c2483a16130d3887c
SHA1

dd83fb41fc7ac424dc27c96f602bbcb352f63d48
SHA256

7901ebd5dd0b9ab60dab39754ae62dcca413b4d3a6a2120af442bab86b3395f8
SHA512

50522b51e0ad216f16745e131fedb861ba01e930dcc06097e9ccabca9fc72765ba980734cadfd2d6fb8015e93d5f875a531bdf12b2c1b87337cf1d54de1be1cb
SSDEEP

12288:ABRpTQKGR7CeMawvztNwKkwuNd23Pn9bzX2vuZiZ7LiA7OK:AVTQz6aWs723Ptb2mZY7e81

Score

10^/10

locky_lukitus ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

779df3e9d22b688c2483a16130d3887c_JaffaCakes118.exe

Resource

win7-20240508-en

locky_lukitus ransomware

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

779df3e9d22b688c2483a16130d3887c_JaffaCakes118.exe

Resource

win10v2004-20240508-en

locky_lukitus ransomware

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  779df3e9d22b688c2483a16130d3887c_JaffaCakes118
- Size
  
  615KB
- MD5
  
  779df3e9d22b688c2483a16130d3887c
- SHA1
  
  dd83fb41fc7ac424dc27c96f602bbcb352f63d48
- SHA256
  
  7901ebd5dd0b9ab60dab39754ae62dcca413b4d3a6a2120af442bab86b3395f8
- SHA512
  
  50522b51e0ad216f16745e131fedb861ba01e930dcc06097e9ccabca9fc72765ba980734cadfd2d6fb8015e93d5f875a531bdf12b2c1b87337cf1d54de1be1cb
- SSDEEP
  
  12288:ABRpTQKGR7CeMawvztNwKkwuNd23Pn9bzX2vuZiZ7LiA7OK:AVTQz6aWs723Ptb2mZY7e81
Score

10^/10

locky_lukitus ransomware
- Locky (Lukitus variant)
  Variant of the Locky ransomware seen in the wild since late 2017.
  ransomware locky_lukitus
- Deletes itself
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

locky_lukitusransomware

behavioral2

locky_lukitusransomware

© 2018-2024

Terms | Privacy