ANALISIS PRILAKU DAN DAMPAK MALWARE RANSOMWARE LOCKY METODE DINAMIS FRAMEWORK FLAREVM

Locky ransomware malware is a very dangerous malware and malware has the potential to encrypt all important victim data in exchange for ransom in return, this will be very detrimental to victims who do not know anything. Malware that is easy to infiltrate and enter at any time makes the system vulnerable, so there needs to be in-depth research on malware, namely behavioral analysis and the impact of malware to determine the characteristics of malware, considering that the more the prevention system develops, the more malware developers develop their malware so that it cannot be detected by the prevention system. By conducting dynamic analysis, malware will be run on the Windows 10 operating system and allowed to infect with the support of the flarevm framework which has complete security standards and tools to analyze the behavior and impact of malware, with the results of the analysis obtained it can be concluded that the locky ransomware malware has a tendency to add key or value behavior and uses internet protocols to send and receive files, namely TCP (Transmission Control Protocol).

Keywords: Malware, Ransomware Locky, Dynamic Analysis