General
-
Target
2024-03-13_f28a75de3d39b47c7529146ea4195e6b_darkside
-
Size
149KB
-
Sample
240313-a4fddshf83
-
MD5
f28a75de3d39b47c7529146ea4195e6b
-
SHA1
0442ba2c8e9f585acbb4ab9f8f99ea84af729e86
-
SHA256
8732b3934981357a625f425af08731a6bb5fc00f3a957dd4518de98cf84d08d7
-
SHA512
ab2765f862a5a014a3f31f697fe1915778ab40c40cc25f66cc19c0a3bad546ca867649430a1b398ee48599e74be609d8ea76e52491c3294f507f505d4b3bb4a2
-
SSDEEP
3072:Z6glyuxE4GsUPnliByocWepTXD5R8yBq/a0vV0:Z6gDBGpvEByocWep1eyaa0vV0
Behavioral task
behavioral1
Sample
2024-03-13_f28a75de3d39b47c7529146ea4195e6b_darkside.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-13_f28a75de3d39b47c7529146ea4195e6b_darkside.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
C:\Users\Admin\z9VLivqzH.README.txt
lockbit
https://twitter.com/hashtag/lockbit?f=live
https://tox.chat/download.html
Extracted
C:\z9VLivqzH.README.txt
lockbit
https://twitter.com/hashtag/lockbit?f=live
https://tox.chat/download.html
Targets
-
-
Target
2024-03-13_f28a75de3d39b47c7529146ea4195e6b_darkside
-
Score
10/10
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Sets desktop wallpaper using registry
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-