locky | f6045c3d60fb2e0ddbb264cd61adc37736508471aa5b3881f2510ec36ea6c00f | Triage

Submit
Reports

Overview

overview

Static

static

3

b99c2748e4...18.exe

windows7-x64

b99c2748e4...18.exe

windows10-2004-x64

Sharing

General

Target

b99c2748e46c0f8ed8da08fd933e0d9f_JaffaCakes118
Size

329KB
Sample

240617-x272ys1cla
MD5

b99c2748e46c0f8ed8da08fd933e0d9f
SHA1

b86e4150446e189259db650270edcc02296b4ca5
SHA256

f6045c3d60fb2e0ddbb264cd61adc37736508471aa5b3881f2510ec36ea6c00f
SHA512

da239c429c2bc7e24f1a4ad1420d501a29e7abde4b89e474f290b4678d10a571c84b2cddb6994104ec2dc80d260122f3f8289e9113b2d0b54c483f249207167f
SSDEEP

3072:OODJbBMEjlrdbFDh2vR5w5HaP6yTEu2edjl5m5ejROBFNI4z8l+xL07HnkuTSG1L:JhF9h2f46P6yIu2hUROX4IAHDO9fs7

Score

10^/10

locky locky_osiris ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b99c2748e46c0f8ed8da08fd933e0d9f_JaffaCakes118.exe

Resource

win7-20231129-en

locky locky_osiris ransomware

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

b99c2748e46c0f8ed8da08fd933e0d9f_JaffaCakes118.exe

Resource

win10v2004-20240611-en

locky locky_osiris ransomware

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  b99c2748e46c0f8ed8da08fd933e0d9f_JaffaCakes118
- Size
  
  329KB
- MD5
  
  b99c2748e46c0f8ed8da08fd933e0d9f
- SHA1
  
  b86e4150446e189259db650270edcc02296b4ca5
- SHA256
  
  f6045c3d60fb2e0ddbb264cd61adc37736508471aa5b3881f2510ec36ea6c00f
- SHA512
  
  da239c429c2bc7e24f1a4ad1420d501a29e7abde4b89e474f290b4678d10a571c84b2cddb6994104ec2dc80d260122f3f8289e9113b2d0b54c483f249207167f
- SSDEEP
  
  3072:OODJbBMEjlrdbFDh2vR5w5HaP6yTEu2edjl5m5ejROBFNI4z8l+xL07HnkuTSG1L:JhF9h2f46P6yIu2hUROX4IAHDO9fs7
Score

10^/10

locky locky_osiris ransomware
- Locky
  Ransomware strain released in 2016, with advanced features like anti-analysis.
  ransomware locky
- Locky (Osiris variant)
  Variant of the Locky ransomware seen in the wild since early 2017.
  ransomware locky_osiris
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockylocky_osirisransomware

behavioral2

lockylocky_osirisransomware

© 2018-2024

Terms | Privacy