943d4c645f76f0d0494cb9ceca513e83a45e738bc2db71360116716720f4bed4 | Triage

Submit
Reports

Overview

overview

8

Static

static

lockbit.exe

windows7-x64

8

Sharing

General

Target

lockbit.exe
Size

146KB
Sample

221005-s357jafacl
MD5

fed98c2820ca40c228ef080ddf68e994
SHA1

c61dd67fa85a6e3e1cf48512263a7097d0eac80e
SHA256

943d4c645f76f0d0494cb9ceca513e83a45e738bc2db71360116716720f4bed4
SHA512

6a9705d55b322e17e1f4d5380cf895e61ea89cdeca53e1b62833b0a37bafd3b785c8ee8625b4198c132741ad024d949eeb34053ef391a955540a8b836c5c1ca3
SSDEEP

1536:LzICS4AAwczUUf8y8gvMH+1zGSNAojMP95D1xDuKaUTGiblZ8FvBq5dF9n4KkPqD:0qJogYkcSNm9V7DxGDcYqg6lT

Score

8^/10

ransomware spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

lockbit.exe

Resource

win7-20220812-en

ransomware spyware stealer

windows7-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  lockbit.exe
- Size
  
  146KB
- MD5
  
  fed98c2820ca40c228ef080ddf68e994
- SHA1
  
  c61dd67fa85a6e3e1cf48512263a7097d0eac80e
- SHA256
  
  943d4c645f76f0d0494cb9ceca513e83a45e738bc2db71360116716720f4bed4
- SHA512
  
  6a9705d55b322e17e1f4d5380cf895e61ea89cdeca53e1b62833b0a37bafd3b785c8ee8625b4198c132741ad024d949eeb34053ef391a955540a8b836c5c1ca3
- SSDEEP
  
  1536:LzICS4AAwczUUf8y8gvMH+1zGSNAojMP95D1xDuKaUTGiblZ8FvBq5dF9n4KkPqD:0qJogYkcSNm9V7DxGDcYqg6lT
Score

8^/10

ransomware spyware stealer
- Executes dropped EXE
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
- Sets desktop wallpaper using registry
  ransomware
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Defacement

Tasks

static1

behavioral1

ransomwarespywarestealer

© 2018-2024

Terms | Privacy