General

  • Target

    2024-02-02_78f7cc1214fc035b4bfe9d53361814a0_lockbit

  • Size

    274KB

  • MD5

    78f7cc1214fc035b4bfe9d53361814a0

  • SHA1

    1f15c7375cbbac7b0dccde9f15128d07dfa22f3f

  • SHA256

    23cbd38756af20524e35cc7afe5636f2ae0281af468e467543653e7d946f6811

  • SHA512

    6da0690ce3f927ed6146a962d96dae7fd36a8b2e63b7b6ec809ce530ad7d566f283dcbd054f0da2163df9656e4489745f6df810fce0315ab6ab56ac22405d3d2

  • SSDEEP

    6144:PGpV1z8Q8GpGGpV1z8Qcy1PSbOqslVC7nJUkhIeMIcC16V:OpVaQpPpVaxy0bOM7np+e31

Score
10/10

Malware Config

Signatures

  • Detects Windows executables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
  • Detects executables built or packed with MPress PE compressor 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-02-02_78f7cc1214fc035b4bfe9d53361814a0_lockbit
    .exe windows:5 windows x86 arch:x86

    f5e4c8acb92fb1c8223cff431020dba0

