General

  • Target

    conhost.exe

  • Size

    143KB

  • MD5

    d2725bca9cff007555bacf2ec998f453

  • SHA1

    87b8918e94d44cab2ba113f5f9fba21279b4a8ef

  • SHA256

    b49c2214a192f777060c812e5e9ac678d19919e8f21fe3e4ed62c85ecc9040e8

  • SHA512

    8ad66283d073b9a53e4b80f0ba5795954920006e65d2774f47829620fee5f11f664c7d467b8a2f234c98a584b7d8206fee22b570dcb1610a695013d7d603bb25

  • SSDEEP

    3072:4w2vENKK7DzwxJfkID9ek8c4RyJuq1DVedjqi7DKXIlu0NT8ZmDProa7W:wvzK7DaawkRyJH4djl7DKXIpKmDPkaK

Score
10/10

Malware Config

Signatures

  • Lockbit family
  • Rule to detect Lockbit 3.0 ransomware Windows payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • conhost.exe
    .exe windows:5 windows x86 arch:x86

    914685b69f2ac2ff61b6b0f1883a054d


    Headers

    Imports

    Sections