General

  • Target

    2024-02-03_4fca17407a6e6724febc9b2172e247ba_lockbit

  • Size

    275KB

  • MD5

    4fca17407a6e6724febc9b2172e247ba

  • SHA1

    215ca1bf5cbe739654d797bc9737aecdb2b6fa98

  • SHA256

    3f2bcf47cf78f37f4c5c3f0d3e4e73450e797852a9192b5c610cb6c77585ac9d

  • SHA512

    dcc6b6f62c8570b32260318e4eb05dc83e5ca6a4753ab99c623085a3431fa0a830933fda4135a93a59ef1e987351731e1b73852ba274d6a1fd996ceac5a25842

  • SSDEEP

    6144:XGpV1z8QHGpGGpV1z8Qcy1PSbOqslVC7nJUkhIeMIcC16V:WpVarpPpVaxy0bOM7np+e31

Score
10/10

Malware Config

Signatures

  • Detects Windows executables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
  • Detects executables built or packed with MPress PE compressor 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-02-03_4fca17407a6e6724febc9b2172e247ba_lockbit
    .exe windows:5 windows x86 arch:x86

    f5e4c8acb92fb1c8223cff431020dba0

