The Locky Ransomware Encrypts Local Files and Unmapped Network Shares
Tags
attack-pattern: Data Control Panel - T1218.002 Server - T1583.004 Server - T1584.004 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID 6b555352-6b77-42e7-9093-738e793403fb
Fingerprint 94f638732ea23c45
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 16, 2016, midnight
Added to db Jan. 19, 2023, 12:08 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline The Locky Ransomware Encrypts Local Files and Unmapped Network Shares
Title The Locky Ransomware Encrypts Local Files and Unmapped Network Shares
Detected Hints/Tags/Attributes 45/1/18
Source URLs
Redirection Url
Details Source http://www.bleepingcomputer.com/news/security/the-Locky-ransomware-encrypts-local-files-and-unmapped-network-shares/
Details Source http://www.bleepingcomputer.com/news/security/the-locky-ransomware-encrypts-local-files-and-unmapped-network-shares/
Details Source https://www.bleepingcomputer.com/news/security/the-locky-ransomware-encrypts-local-files-and-unmapped-network-shares/
URL Provider
Details Provider Source level domain
Details bleepingcomputer.com www.bleepingcomputer.com
Attributes
Details Type #Events CTI Value
Details Domain 4 
6dtxgqam4crv6rr6.onion
Details File 2 
invoice_j-17105013.doc
Details File 28 
tar.bz2
Details File 96 
wallet.dat
Details File 143 
thumbs.db
Details File 351 
recycle.bin
Details File 74 
test.jpg
Details File 345 
vssadmin.exe
Details File 9 
_locky_recover_instructions.txt
Details File 4 
_locky_recover_instructions.bmp
Details File 2 
%userprofile%\desktop\_locky_recover_instructions.bmp
Details md5 3 
F67091F1D24A922B1A7FC27E19A9D9BC
Details Windows Registry Key 2 
HKCU\Software\Locky\id
Details Windows Registry Key 2 
HKCU\Software\Locky\pubkey
Details Windows Registry Key 2 
HKCU\Software\Locky\paytext
Details Windows Registry Key 2 
HKCU\Software\Locky\completed
Details Windows Registry Key 3 
HKCU\Software\Locky
Details Windows Registry Key 37 
HKCU\Control