Extracted

• • Target

    a926fe9fc32e645bdde9656470c7cd005b21590cda222f72daf854de9ffc4fe0

  • Size

    250KB

  • MD5

    ef37842fc159631f9dd8f94c5e05a674

  • SHA1

    07e19dd6f2b5ebe86614251860a067012d2a0ce9

  • SHA256

    a926fe9fc32e645bdde9656470c7cd005b21590cda222f72daf854de9ffc4fe0

  • SHA512

    e45235cea10568547a0cf9b3c3d5550eb76a67ebd950dad17bbd4fb1e441c9f904e7c6c0e268e1a8a8d6374de229bd0f096f4b45983febf6237987823ced00a4

  Score

  10^/10

  lockfileransomwarespywarestealer

  • LockFile

    LockFile is a new ransomware that emerged in July 2021 with ProxyShell vulnerabilties.

    ransomwarelockfile

  • Drops file in Drivers directory

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Deletes itself

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops file in System32 directory

  behavioral1behavioral2