lockbit | 2023-04-24_9b78e1df19ce651515acbd44d9b2db2f_darkside | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2023-04-24_9b78e1df19ce651515acbd44d9b2db2f_darkside
Size

152KB
MD5

9b78e1df19ce651515acbd44d9b2db2f
SHA1

b957df9cc1042ef0525c7ab7e571c7e62d9a2b09
SHA256

dbd257edb540adab6d4cf2d1b8dcad171201b110e7efac2589d047e28ecb4634
SHA512

02b6ab515ce25eaefac7dbde9e20e6b9c91a3f792193a7e015a9431ee984aee245fba14856e38fef01244f236dace8c528bbee13e43b7f689bba0fff8ff0d4a4
SSDEEP

3072:XqJogYkcSNm9V7DPSryeGqNrHQZQDYrT:Xq2kc4m9tDPSW2HaQDY

Score

10^/10

lockbit

Malware Config

Signatures

Lockbit family
lockbit

Rule to detect Lockbit 3.0 ransomware Windows payload 1 IoCs

resource	yara_rule
sample	family_lockbit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-04-24_9b78e1df19ce651515acbd44d9b2db2f_darkside

Files

2023-04-24_9b78e1df19ce651515acbd44d9b2db2f_darkside
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.tett...
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

test
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

test
Size: 40KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

test
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

test
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ