Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

LockBit30/Build.bat

windows7-x64

1

LockBit30/Build.bat

windows10-2004-x64

1

LockBit30/builder.exe

windows7-x64

1

LockBit30/builder.exe

windows10-2004-x64

1

LockBit30/keygen.exe

windows7-x64

1

LockBit30/keygen.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/09/2022, 11:22 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LockBit30/Build.bat

  • Size

    741B

  • MD5

    4e46e28b2e61643f6af70a8b19e5cb1f

  • SHA1

    804a1d0c4a280b18e778e4b97f85562fa6d5a4e6

  • SHA256

    8e83a1727696ced618289f79674b97305d88beeeabf46bd25fc77ac53c1ae339

  • SHA512

    009b17b515ff0ea612e54d8751eef07f1e2b54db07e6cd69a95e7adf775f3c79a0ea91bff2fe593f2314807fdc00c75d80f1807b7dbe90f0fcf94607e675047b

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 21 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\LockBit30\Build.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1048
    • C:\Users\Admin\AppData\Local\Temp\LockBit30\keygen.exe
      keygen -path C:\Users\Admin\AppData\Local\Temp\LockBit30\Build -pubkey pub.key -privkey priv.key
      2⤵
        PID:544
      • C:\Users\Admin\AppData\Local\Temp\LockBit30\builder.exe
        builder -type dec -privkey C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\priv.key -config config.json -ofile C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\LB3Decryptor.exe
        2⤵
          PID:2880
        • C:\Users\Admin\AppData\Local\Temp\LockBit30\builder.exe
          builder -type enc -exe -pubkey C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\pub.key -config config.json -ofile C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\LB3.exe
          2⤵
            PID:3544
          • C:\Users\Admin\AppData\Local\Temp\LockBit30\builder.exe
            builder -type enc -exe -pass -pubkey C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\pub.key -config config.json -ofile C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\LB3_pass.exe
            2⤵
              PID:3700
            • C:\Users\Admin\AppData\Local\Temp\LockBit30\builder.exe
              builder -type enc -dll -pubkey C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\pub.key -config config.json -ofile C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\LB3_Rundll32.dll
              2⤵
                PID:2396
              • C:\Users\Admin\AppData\Local\Temp\LockBit30\builder.exe
                builder -type enc -dll -pass -pubkey C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\pub.key -config config.json -ofile C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\LB3_Rundll32_pass.dll
                2⤵
                  PID:928
                • C:\Users\Admin\AppData\Local\Temp\LockBit30\builder.exe
                  builder -type enc -ref -pubkey C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\pub.key -config config.json -ofile C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\LB3_ReflectiveDll_DllMain.dll
                  2⤵
                    PID:1192

                Network

                  No results found
                • 13.69.239.72:443
                  322 B
                   7
                No results found

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\priv.key
                  Filesize

                  344B

                  MD5

                  541840b9aa47d7ef280341dfc8b2b198

                  SHA1

                  85e00aceba01b8c228077d97a0caf609164f7e12

                  SHA256

                  e2b26a978fff7d59e087e349d5a6ddbd876836e330df8e7c37712b8b61089f8e

                  SHA512

                  d1be3dc2cdf0dfdd8eda00d3fcd08fae4c73b93e92c59076d4cc8202a75bca44d813aa14064f49beb4b97d08d379097bdf3cfa132d50ab7524dbd23ea9be9919

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\LockBit30\Build\pub.key
                  Filesize

                  344B

                  MD5

                  873c164483e5d8940b729ac007d74608

                  SHA1

                  b990d25092038d6c9ec61e0e52b26f4c5b2d6e3a

                  SHA256

                  c9de6238ba7eee2486ff6eee3fc860be669b6dba5297bf4a3fc368f020967013

                  SHA512

                  66897fd2f1cd97bdfab39c7b4c3e35fb4fd845bd2a824660d4a90f0a3f430465266fc25e4f1233b72f8c88246eb1c326806aeeedabee2c0afa6babbd046fb857

                  Download Submit

                We care about your privacy.

                This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.