Search
Keyword: usoj_locky.dldra
743 Total Search |
Showing Results : 1 - 20
This malware is seen being distributed by the Magnitude Exploit Kit. It exploits a vulnerability in the Windows kernel (CVE-2015-1701) to download a LOCKY ransomware. To get a one-glance
Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Locky = "%User
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
following registry keys: HKEY_CURRENT_USER\Software\Locky It adds the following registry entries as part of its installation routine: HKEY_CURRENT_USER\Software\Locky id = "{unique ID per victim}
\Locky It adds the following registry entries as part of its installation routine: HKEY_CURRENT_USER\Software\Locky id = "{unique ID per victim}" HKEY_CURRENT_USER\Software\Locky pubkey = "{publick key}
Modifications This Trojan modifies the following file(s): It renames the encrypted files to {unique ID per victim}{identifier}.locky It adds the following registry keys: HKEY_CURRENT_USER\Software\Locky It adds
startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Locky = "%User Temp%\svchost.exe" (Note: This is deleted after encryption of all files) Other System Modifications This Trojan
startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Locky = "%User Temp%\svchost.exe" (Note: This is deleted after encryption of all files) Other System Modifications This Trojan
startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Locky = "%User Temp%\svchost.exe" (Note: This registry entry is deleted after encryption of all files) Other System Modifications
renames the encrypted files to {unique ID per victim}{identifier}.locky It adds the following registry keys: HKEY_CURRENT_USER\Software\Locky It adds the following registry entries as part of its
Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Locky = "%User Temp%
}.locky It adds the following registry keys: HKEY_CURRENT_USER\Software\Locky It adds the following registry entries as part of its installation routine: HKEY_CURRENT_USER\Software\Locky id = "{unique ID
\ Windows\CurrentVersion\Run Locky = "%User Temp%\svchost.exe" (Note: This registry entry is deleted after encryption of all files) Other System Modifications This Trojan modifies the following file(s): It
startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Locky = "%User Temp%\svchost.exe" (Note: This is deleted after encryption of all files) Other System Modifications This Trojan
startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Locky = "%User Temp%\svchost.exe" (Note: This is deleted after encryption of all files) Other System Modifications This Trojan
visiting malicious sites. Other System Modifications This Trojan adds the following registry keys: HKEY_CURRENT_USER\Software\Locky It adds the following registry entries: HKEY_CURRENT_USER\Software\Locky id
to {unique ID per victim}{identifier}.locky It adds the following registry keys: HKEY_CURRENT_USER\Software\Locky It adds the following registry entries as part of its installation routine:
\ Windows\CurrentVersion\Run Locky = "%User Temp%\svchost.exe" Other System Modifications This Trojan modifies the following file(s): It renames the encrypted files to {unique ID per victim}{identifier}.locky
\ Windows\CurrentVersion\Run Locky = "%User Temp%\svchost.exe" Other System Modifications This Trojan modifies the following file(s): It renames the encrypted files to {unique ID per victim}{identifier}.locky