Resubmissions

11-03-2024 18:04

240311-wnnwgscb67 10

General

  • Target

    LockBit-V3.zip

  • Size

    293KB

  • MD5

    f35c9e87f63d3f8d4db5b1a01a14e464

  • SHA1

    7fd87ed64dbb2780b5deccc0a9d138b3b9402e8b

  • SHA256

    4dfa2dcbcfe39550255fcf5daaa4ee3b74e7ea3a32666c91c100fb6b8508544b

  • SHA512

    04d8f57d6a592d30b3af8ee96ed2480a2b594b25a37b500613a06aee994705045140ed6f4152c97f17e935122003d45d6ae64fad668a08cf7e6438f48e3167e3

  • SSDEEP

    6144:50gWKhB5TA1yAmI28MqQoZNTelXsxRw5Bp0i49h/t1uDcMxDM074:50gWw5rA08MLCeG/i49JEcUE

Score
10/10

Malware Config

Extracted

Family

blackmatter

Version

25.239

Signatures

  • Blackmatter family
  • Lockbit family
  • Rule to detect Lockbit 3.0 ransomware Windows payload 1 IoCs
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • LockBit-V3.zip
    .zip

    Password: infected

  • Build.bat
  • builder.exe
    .exe windows:5 windows x86 arch:x86

    d2e26e45dcb84f1062f90f29a9cf0faa


    Headers

    Imports

    Sections

  • config.json
  • keygen.exe
    .exe windows:5 windows x86 arch:x86

    73eeda700d0a0376845c61c44155f4a8


    Headers

    Imports

    Sections

  • macro.vbs
    .vbs