Overview

overview

10

Static

static

3

e00f2f041d...18.exe

windows7-x64

10

e00f2f041d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e00f2f041d4c88d7294da2a3a5c7b85e_JaffaCakes118

  • Size

    361KB

  • Sample

    240914-m78kkazhll

  • MD5

    e00f2f041d4c88d7294da2a3a5c7b85e

  • SHA1

    7b44584eaf96466cf501c27b2c8bcd50507dafe9

  • SHA256

    6a1b91e518c454ada77d66005d1f1dff19620939567c04129992d1a1811f0517

  • SHA512

    1cfef6c178093e0377aeb85e536e344ebd88b9a10ebe688bc2998b78bb9649c1567ab01a717099a2c6f2135b636c7c5f9462d5b5e612be54531dd33e1da6638a

  • SSDEEP

    6144:ZKlLkXRRcBaIxm15ybiEg+QO8bMebp9pMXt8f9m:ZKlLkXRR+aIxml+Tle1pU

Score
10/10
lockylocky_osirisdefense_evasiondiscoveryransomware

Malware Config

Targets

    • Target

      e00f2f041d4c88d7294da2a3a5c7b85e_JaffaCakes118

    • Size

      361KB

    • MD5

      e00f2f041d4c88d7294da2a3a5c7b85e

    • SHA1

      7b44584eaf96466cf501c27b2c8bcd50507dafe9

    • SHA256

      6a1b91e518c454ada77d66005d1f1dff19620939567c04129992d1a1811f0517

    • SHA512

      1cfef6c178093e0377aeb85e536e344ebd88b9a10ebe688bc2998b78bb9649c1567ab01a717099a2c6f2135b636c7c5f9462d5b5e612be54531dd33e1da6638a

    • SSDEEP

      6144:ZKlLkXRRcBaIxm15ybiEg+QO8bMebp9pMXt8f9m:ZKlLkXRR+aIxml+Tle1pU

    Score
    10/10
    lockylocky_osirisdefense_evasiondiscoveryransomware

    • Locky

      Ransomware strain released in 2016, with advanced features like anti-analysis.

      ransomwarelocky

    • Locky (Osiris variant)

      Variant of the Locky ransomware seen in the wild since early 2017.

      ransomwarelocky_osiris

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks