Overview

overview

10

Static

static

10

LockBit-Bl...ld.bat

windows10-2004-x64

1

LockBit-Bl...B3.exe

windows10-2004-x64

10

LockBit-Bl...or.exe

windows10-2004-x64

1

LockBit-Bl...in.dll

windows10-2004-x64

7

LockBit-Bl...32.dll

windows10-2004-x64

1

LockBit-Bl...ss.dll

windows10-2004-x64

10

LockBit-Bl...ss.exe

windows10-2004-x64

10

LockBit-Bl...er.exe

windows10-2004-x64

1

LockBit-Bl...en.exe

windows10-2004-x64

1

LockBit-Bl...ld.bat

windows10-2004-x64

1

LockBit-Bl...B3.exe

windows10-2004-x64

10

LockBit-Bl...or.exe

windows10-2004-x64

5

LockBit-Bl...in.dll

windows10-2004-x64

10

LockBit-Bl...32.dll

windows10-2004-x64

1

LockBit-Bl...ss.dll

windows10-2004-x64

10

LockBit-Bl...ss.exe

windows10-2004-x64

10

LockBit-Bl...er.exe

windows10-2004-x64

1

LockBit-Bl...en.exe

windows10-2004-x64

1

Resubmissions

23-05-2024 09:35

240523-lkmh5scb37 10

28-04-2024 14:29

240428-rth5zahg49 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    LockBit-Black-Builder-main.zip

  • Size

    1.7MB

  • Sample

    240523-lkmh5scb37

  • MD5

    4fb693236754d28c43d3123b555ae740

  • SHA1

    d3d6f0aa6068e9b2b9b47875bc13500392494421

  • SHA256

    f566f21f3db0c4a9f421f18e6561279b4dd4c5fd3c32456a6f2e5b927b49719d

  • SHA512

    ba81e0077f8dfbcbe58eda07d5b403089a71d56ae33578ba07abb7101c6254c9a7e042af2c0ede74b12fa142731c0ce638e7a98fd620e910bad7fbbdba710383

  • SSDEEP

    49152:Qm7iJLGvI8SbLm7S8lMA7DAJRxZ73a9VlknZbQT9:6JqgjiL+WEJRx6QZbQh

Score
10/10
blackmatterlockbitransomwarespywarestealer

Malware Config

Extracted

Family

blackmatter

Version

25.239

Extracted

Family

blackmatter

Version

65.239

Extracted

Path

C:\HHuYRxB06.README.txt

Family

lockbit

Ransom Note
~~~ LockBit 3.0 the world's fastest ransomware since 2019~~~ >>>> Your data are stolen and encrypted The data will be published on TOR website if you do not pay the ransom Links for Tor Browser: http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion Links for the normal browser http://lockbitapt.uz http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion.ly http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion.ly http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion.ly http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion.ly http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion.ly http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion.ly http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion.ly http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion.ly http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion.ly >>>> What guarantees that we will not deceive you? We are not a politically motivated group and we do not need anything other than your money. If you pay, we will provide you the programs for decryption and we will delete your data. Life is too short to be sad. Be not sad, money, it is only paper. If we do not give you decrypters, or we do not delete your data after payment, then nobody will pay us in the future. Therefore to us our reputation is very important. We attack the companies worldwide and there is no dissatisfied victim after payment. You can obtain information about us on twitter https://twitter.com/hashtag/lockbit?f=live >>>> You need contact us and decrypt one file for free on these TOR sites with your personal DECRYPTION ID Download and install TOR Browser https://www.torproject.org/ Write to a chat and wait for the answer, we will always answer you. Sometimes you will need to wait for our answer because we attack many companies. Links for Tor Browser: http://lockbitsupt7nr3fa6e7xyb73lk6bw6rcneqhoyblniiabj4uwvzapqd.onion http://lockbitsupuhswh4izvoucoxsbnotkmgq6durg7kficg6u33zfvq3oyd.onion http://lockbitsupn2h6be2cnqpvncyhj4rgmnwn44633hnzzmtxdvjoqlp7yd.onion Link for the normal browser http://lockbitsupp.uz If you do not get an answer in the chat room for a long time, the site does not work and in any other emergency, you can contact us in jabber or tox. Tox ID LockBitSupp: 3085B89A0C515D2FB124D645906F5D3DA5CB97CEBEA975959AE4F95302A04E1D709C3C4AE9B7 XMPP (Jabber) Support: [email protected] [email protected] >>>> Your personal DECRYPTION ID: 21BAF8E63EE715F83A1A71920F7C419A >>>> Warning! Do not DELETE or MODIFY any files, it can lead to recovery problems! >>>> Warning! If you do not pay the ransom we will attack your company repeatedly again! >>>> Advertisement Would you like to earn millions of dollars $$$ ? Our company acquire access to networks of various companies, as well as insider information that can help you steal the most valuable data of any company. You can provide us accounting data for the access to any company, for example, login and password to RDP, VPN, corporate email, etc. Open our letter at your email. Launch the provided virus on any computer in your company. You can do it both using your work computer or the computer of any other employee in order to divert suspicion of being in collusion with us. Companies pay us the foreclosure for the decryption of files and prevention of data leak. You can contact us using Tox messenger without registration and SMS https://tox.chat/download.html. Using Tox messenger, we will never know your real name, it means your privacy is guaranteed. If you want to contact us, write in jabber or tox. Tox ID LockBitSupp: 3085B89A0C515D2FB124D645906F5D3DA5CB97CEBEA975959AE4F95302A04E1D709C3C4AE9B7 XMPP (Jabber) Support: [email protected] [email protected] If this contact is expired, and we do not respond you, look for the relevant contact data on our website via Tor or Brave browser Links for Tor Browser: http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion Links for the normal browser http://lockbitapt.uz http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion.ly http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion.ly http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion.ly http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion.ly http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion.ly http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion.ly http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion.ly http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion.ly http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion.ly
URLs

http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion

http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion

http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion

http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion

http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion

http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion

http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion

http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion

http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion

http://lockbitapt.uz

http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion.ly

http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion.ly

http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion.ly

http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion.ly

http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion.ly

http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion.ly

http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion.ly

http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion.ly

http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion.ly

https://twitter.com/hashtag/lockbit?f=live

Extracted

Path

C:\Users\HHuYRxB06.README.txt

Family

lockbit

Ransom Note
~~~ LockBit 3.0 the world's fastest ransomware since 2019~~~ >>>> Your data are stolen and encrypted The data will be published on TOR website if you do not pay the ransom Links for Tor Browser: http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion Links for the normal browser http://lockbitapt.uz http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion.ly http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion.ly http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion.ly http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion.ly http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion.ly http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion.ly http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion.ly http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion.ly http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion.ly >>>> What guarantees that we will not deceive you? We are not a politically motivated group and we do not need anything other than your money. If you pay, we will provide you the programs for decryption and we will delete your data. Life is too short to be sad. Be not sad, money, it is only paper. If we do not give you decrypters, or we do not delete your data after payment, then nobody will pay us in the future. Therefore to us our reputation is very important. We attack the companies worldwide and there is no dissatisfied victim after payment. You can obtain information about us on twitter https://twitter.com/hashtag/lockbit?f=live >>>> You need contact us and decrypt one file for free on these TOR sites with your personal DECRYPTION ID Download and install TOR Browser https://www.torproject.org/ Write to a chat and wait for the answer, we will always answer you. Sometimes you will need to wait for our answer because we attack many companies. Links for Tor Browser: http://lockbitsupt7nr3fa6e7xyb73lk6bw6rcneqhoyblniiabj4uwvzapqd.onion http://lockbitsupuhswh4izvoucoxsbnotkmgq6durg7kficg6u33zfvq3oyd.onion http://lockbitsupn2h6be2cnqpvncyhj4rgmnwn44633hnzzmtxdvjoqlp7yd.onion Link for the normal browser http://lockbitsupp.uz If you do not get an answer in the chat room for a long time, the site does not work and in any other emergency, you can contact us in jabber or tox. Tox ID LockBitSupp: 3085B89A0C515D2FB124D645906F5D3DA5CB97CEBEA975959AE4F95302A04E1D709C3C4AE9B7 XMPP (Jabber) Support: [email protected] [email protected] >>>> Your personal DECRYPTION ID: 21BAF8E63EE715F844D3029F592C524D >>>> Warning! Do not DELETE or MODIFY any files, it can lead to recovery problems! >>>> Warning! If you do not pay the ransom we will attack your company repeatedly again! >>>> Advertisement Would you like to earn millions of dollars $$$ ? Our company acquire access to networks of various companies, as well as insider information that can help you steal the most valuable data of any company. You can provide us accounting data for the access to any company, for example, login and password to RDP, VPN, corporate email, etc. Open our letter at your email. Launch the provided virus on any computer in your company. You can do it both using your work computer or the computer of any other employee in order to divert suspicion of being in collusion with us. Companies pay us the foreclosure for the decryption of files and prevention of data leak. You can contact us using Tox messenger without registration and SMS https://tox.chat/download.html. Using Tox messenger, we will never know your real name, it means your privacy is guaranteed. If you want to contact us, write in jabber or tox. Tox ID LockBitSupp: 3085B89A0C515D2FB124D645906F5D3DA5CB97CEBEA975959AE4F95302A04E1D709C3C4AE9B7 XMPP (Jabber) Support: [email protected] [email protected] If this contact is expired, and we do not respond you, look for the relevant contact data on our website via Tor or Brave browser Links for Tor Browser: http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion Links for the normal browser http://lockbitapt.uz http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion.ly http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion.ly http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion.ly http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion.ly http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion.ly http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion.ly http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion.ly http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion.ly http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion.ly
URLs

http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion

http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion

http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion

http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion

http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion

http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion

http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion

http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion

http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion

http://lockbitapt.uz

http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion.ly

http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion.ly

http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion.ly

http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion.ly

http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion.ly

http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion.ly

http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion.ly

http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion.ly

http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion.ly

https://twitter.com/hashtag/lockbit?f=live

Extracted

Path

C:\ZImkTWSLZ.README.txt

Family

lockbit

Ransom Note
~~~ LockBit 3.0 the world's fastest ransomware since 2019~~~ >>>> Your data are stolen and encrypted The data will be published on TOR website if you do not pay the ransom Links for Tor Browser: http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion Links for the normal browser http://lockbitapt.uz http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion.ly http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion.ly http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion.ly http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion.ly http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion.ly http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion.ly http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion.ly http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion.ly http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion.ly >>>> What guarantees that we will not deceive you? We are not a politically motivated group and we do not need anything other than your money. If you pay, we will provide you the programs for decryption and we will delete your data. Life is too short to be sad. Be not sad, money, it is only paper. If we do not give you decrypters, or we do not delete your data after payment, then nobody will pay us in the future. Therefore to us our reputation is very important. We attack the companies worldwide and there is no dissatisfied victim after payment. You can obtain information about us on twitter https://twitter.com/hashtag/lockbit?f=live >>>> You need contact us and decrypt one file for free on these TOR sites with your personal DECRYPTION ID Download and install TOR Browser https://www.torproject.org/ Write to a chat and wait for the answer, we will always answer you. Sometimes you will need to wait for our answer because we attack many companies. Links for Tor Browser: http://lockbitsupt7nr3fa6e7xyb73lk6bw6rcneqhoyblniiabj4uwvzapqd.onion http://lockbitsupuhswh4izvoucoxsbnotkmgq6durg7kficg6u33zfvq3oyd.onion http://lockbitsupn2h6be2cnqpvncyhj4rgmnwn44633hnzzmtxdvjoqlp7yd.onion Link for the normal browser http://lockbitsupp.uz If you do not get an answer in the chat room for a long time, the site does not work and in any other emergency, you can contact us in jabber or tox. Tox ID LockBitSupp: 3085B89A0C515D2FB124D645906F5D3DA5CB97CEBEA975959AE4F95302A04E1D709C3C4AE9B7 XMPP (Jabber) Support: [email protected] [email protected] >>>> Your personal DECRYPTION ID: 21EFEFD3564BFFCFBC6685725E90382B >>>> Warning! Do not DELETE or MODIFY any files, it can lead to recovery problems! >>>> Warning! If you do not pay the ransom we will attack your company repeatedly again! >>>> Advertisement Would you like to earn millions of dollars $$$ ? Our company acquire access to networks of various companies, as well as insider information that can help you steal the most valuable data of any company. You can provide us accounting data for the access to any company, for example, login and password to RDP, VPN, corporate email, etc. Open our letter at your email. Launch the provided virus on any computer in your company. You can do it both using your work computer or the computer of any other employee in order to divert suspicion of being in collusion with us. Companies pay us the foreclosure for the decryption of files and prevention of data leak. You can contact us using Tox messenger without registration and SMS https://tox.chat/download.html. Using Tox messenger, we will never know your real name, it means your privacy is guaranteed. If you want to contact us, write in jabber or tox. Tox ID LockBitSupp: 3085B89A0C515D2FB124D645906F5D3DA5CB97CEBEA975959AE4F95302A04E1D709C3C4AE9B7 XMPP (Jabber) Support: [email protected] [email protected] If this contact is expired, and we do not respond you, look for the relevant contact data on our website via Tor or Brave browser Links for Tor Browser: http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion Links for the normal browser http://lockbitapt.uz http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion.ly http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion.ly http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion.ly http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion.ly http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion.ly http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion.ly http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion.ly http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion.ly http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion.ly
URLs

http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion

http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion

http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion

http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion

http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion

http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion

http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion

http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion

http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion

http://lockbitapt.uz

http://lockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onion.ly

http://lockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onion.ly

http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion.ly

http://lockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onion.ly

http://lockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onion.ly

http://lockbitaptjpikdqjynvgozhgc6bgetgucdk5xjacozeaawihmoio6yd.onion.ly

http://lockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion.ly

http://lockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onion.ly

http://lockbitaptoofrpignlz6dt2wqqc5z3a4evjevoa3eqdfcntxad5lmyd.onion.ly

https://twitter.com/hashtag/lockbit?f=live

Targets

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit30/Build.bat

    • Size

      733B

    • MD5

      1905cc9973206fea5050b737f9303fb4

    • SHA1

      497524177d9478a4b5dca3e73cc230be6abf4ce0

    • SHA256

      e2f5b93040d57de6251d16256bcd04aa8eb337bde87308e602f01070efd345fb

    • SHA512

      95bae9406d01083f6fe6916ecf8e889afe20ff5863070f1787dc7a60d2d1d5af2cf3fd481a3c4fb531f16dd2cb7a685002aaac1dc907cf189c19c60f2816dd76

    Score
    1/10
    behavioral1

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit30/Build/LB3.exe

    • Size

      153KB

    • MD5

      c73eac0c837c3c5caca3a885f46c17d9

    • SHA1

      a0ca9511b40c9c2451986ce179016ec4014e9adb

    • SHA256

      e609bf8406b61613f3e605d277cf445059974a4c71c3edd09fffae86a3c5dbfe

    • SHA512

      157c92e561cd18876ab60faf8a3d8e62633e7750accb965e86f3202b0d5ff902d3ae51fb41592d9be22672e67a713291e469a09be57e6f77dd6343090324792a

    • SSDEEP

      3072:xqJogYkcSNm9V7D2YRLCm8ZdqVAxrMismEm8T:xq2kc4m9tDlhLqb

    Score
    10/10
    lockbitransomwarespywarestealer

    • Lockbit

      Ransomware family with multiple variants released since late 2019.

      ransomwarelockbit

    • Renames multiple (625) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops desktop.ini file(s)

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

      ransomware

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral2

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit30/Build/LB3Decryptor.exe

    • Size

      54KB

    • MD5

      d1c15784587717fe03448d0c4dc8dd5b

    • SHA1

      f36ac101949a4fa8f604d561957fb9d3e1f73699

    • SHA256

      4973313c1c003a27190fba0a43dda1be78891552c9fabaa0c65e0051965ceee7

    • SHA512

      ef81b11962fb56a583c43ecdf0f8c66ef17850e85e56794b6c4ca328751609e4fe1fb1494e0e7315ff396510c467e440b74b62c105ce226f2fda49379d551a81

    • SSDEEP

      768:llD2N5KCJD5rkdDRib1Xf0854bhC3E9zpKMMYj1MYgFMRx:nAkCJD5rKDRib1F54NLp2Yj1M7MD

    Score
    1/10
    behavioral3

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit30/Build/LB3_ReflectiveDll_DllMain.dll

    • Size

      106KB

    • MD5

      2ecc319574b76994e76c4f971c820362

    • SHA1

      8f3d04cab7c6be2220860ec391d75ba2f8f17b33

    • SHA256

      123797c18b044fb5aeba5dcccaf9ef1df0b7553413e9433876f1f94b8cd0584f

    • SHA512

      39c63668d424ff9efa625a82312edf5a30f7ca3edd896bd6ef1857ced02e5462cf191af54b6e55388b844fa5e50f77e3a6ce5b5983f61eb57a45c4b2fbb3567e

    • SSDEEP

      1536:LzICS4A30TY1kUS/U2ztdS1I6DdL9Ta16CX4VtgYfC3zHZbhuMGCS:0J0TYyUS/U2RgGWL9+joVtHfilfd

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral4

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit30/Build/LB3_Rundll32.dll

    • Size

      152KB

    • MD5

      a451f94bf71b55142e64d65dda361e3d

    • SHA1

      79dbdba2019c0bb2859cf2886ad4ceaadf769311

    • SHA256

      42a708a61e3bb54ac63748ac47bb96ded6e32bbe927a87c8e57094110293c325

    • SHA512

      a5336d7a3345a562214f8081459937f4c9c17882aa614fa514eea6ec7e3afd416e943560a92ecfe88ecc281729c9e6eefe2300d087b1ee510aaef0d3ac343803

    • SSDEEP

      3072:LrPn1hcH98P67PBH2G3gFoh3H6J1vVjgQp3RpM1dpbQrQymzUOMgInmwuzEvigpx:LrP1hG98P67PNV3gih3H6J1VjgQp3Rpb

    Score
    1/10
    behavioral5

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit30/Build/LB3_Rundll32_pass.dll

    • Size

      148KB

    • MD5

      1cf36fecacae95acaed46247090fd4b6

    • SHA1

      4dcf048521b7c8fcba54d20f06be6ea60131bce1

    • SHA256

      6eb4d985a52554d37c0efec1457258e4dfd4619ff0396c66e2f9a02d8381ce57

    • SHA512

      7b6c660245ed236a12e4c7e36e30283b5d2736de2d419da60d4ab584016de24dd40f7c4d407c5a4cee3c1995d136a775f72ed2ca16c911d75a2c9c2f4b57a99c

    • SSDEEP

      3072:TTmYfHnIUoQ3+Cv9y5esf+Ieva3YVxz8jZGhjhjGI:TBvn3+WnSev7VujMzf

    Score
    10/10
    lockbitransomware

    • Lockbit

      Ransomware family with multiple variants released since late 2019.

      ransomwarelockbit

    • Rule to detect Lockbit 3.0 ransomware Windows payload

    behavioral6

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit30/Build/LB3_pass.exe

    • Size

      149KB

    • MD5

      4f6c3752e20422203d1bd00acb082ba5

    • SHA1

      2d648879014bf464bf3ed640642c9f7665115ad4

    • SHA256

      500eeeb1927f1fb9304a2167d6ea7e318d242da0c68e03f3ec60d704acfa0add

    • SHA512

      310c78b0057ec044ce14eb4242729f958f4de2d3cb8cc8f8052d8b6ead5ff692a870ec027204dffb3fe3951e6c8bc5b59d6a21046c66643e7d14ac3a88c31271

    • SSDEEP

      3072:lX6v7dL14It1Zvcb4n8uqlWpwkC/Va7U6JDN9ZiIyOmYNeZaVi:lIR1NPZO4n8VlWpKp6DliIyO/En

    Score
    10/10
    lockbitransomware

    • Lockbit

      Ransomware family with multiple variants released since late 2019.

      ransomwarelockbit

    • Rule to detect Lockbit 3.0 ransomware Windows payload

    behavioral7

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit30/builder.exe

    • Size

      469KB

    • MD5

      c2bc344f6dde0573ea9acdfb6698bf4c

    • SHA1

      d6ae7dc2462c8c35c4a074b0a62f07cfef873c77

    • SHA256

      a736269f5f3a9f2e11dd776e352e1801bc28bb699e47876784b8ef761e0062db

    • SHA512

      d60cf86c0267cd4e88d21768665bbb43f3048dace1e0013b2361c5bfabf2656ff6215dfb75b6932e09545473305b4f707c069721cdde317b1df1709cd9fc61c0

    • SSDEEP

      12288:CzVXpdg/1MB94JD7RfaVT1hG98P67PNV3giFH6J1VjR3L6dpbQrQyEpInmwuRUfB:CzxjgdRpBq1hG98P67PNV3giFH6J1Vjn

    Score
    1/10
    behavioral8

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit30/keygen.exe

    • Size

      31KB

    • MD5

      71c3b2f765b04d0b7ea0328f6ce0c4e2

    • SHA1

      bf8ecb6519f16a4838ceb0a49097bcc3ef30f3c4

    • SHA256

      ea6d4dedd8c85e4a6bb60408a0dc1d56def1f4ad4f069c730dc5431b1c23da37

    • SHA512

      1923db134d7cee25389a07e4d48894dde7ee8f70d008cd890dd34a03b2741a54ec1555e6821755e5af8eae377ef5005e3f9afceb4681059bc1880276e9bcf035

    • SSDEEP

      768:A6+T41GjHbdWCWDwDD01riWpJxKpAQJs/3JGIDLQ5:b+U+hHIBpJxixgQ

    Score
    1/10
    behavioral9

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit3Builder/Build.bat

    • Size

      733B

    • MD5

      1905cc9973206fea5050b737f9303fb4

    • SHA1

      497524177d9478a4b5dca3e73cc230be6abf4ce0

    • SHA256

      e2f5b93040d57de6251d16256bcd04aa8eb337bde87308e602f01070efd345fb

    • SHA512

      95bae9406d01083f6fe6916ecf8e889afe20ff5863070f1787dc7a60d2d1d5af2cf3fd481a3c4fb531f16dd2cb7a685002aaac1dc907cf189c19c60f2816dd76

    Score
    1/10
    behavioral10

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit3Builder/Build/LB3.exe

    • Size

      153KB

    • MD5

      a77aa09d078b9380029e6100edbe2c83

    • SHA1

      6fbb43a72056d7432434e123e77234cafafdf6ea

    • SHA256

      4af96f0de6c0c89158c41974b4323869343e169b1f2a95a7960646d6b0edc3ea

    • SHA512

      596c290ac55641df4220e8821bc51cc24f08552cca8e36c37c6ce641e8e3b8e9fa4ff56d0497e64e6bca92ca4bef07fca8ce3442297d2c17b829e7281a239153

    • SSDEEP

      3072:96glyuxE4GsUPnliByocWepfd1D5nZ42zYWkD:96gDBGpvEByocWeFzE+rk

    Score
    10/10
    lockbitransomwarespywarestealer

    • Lockbit

      Ransomware family with multiple variants released since late 2019.

      ransomwarelockbit

    • Renames multiple (605) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops desktop.ini file(s)

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

      ransomware

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral11

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit3Builder/Build/LB3Decryptor.exe

    • Size

      54KB

    • MD5

      3baba850a83359d0724af622186ff137

    • SHA1

      33c0b49ead3b6ce8fceba752cd1a23e867ded322

    • SHA256

      011da3309d427a567cfe8644a407033c42570c2756a9ed09409004ff0df01399

    • SHA512

      9166c1e8632f67780c4a16ab9741de3be40f57cbe5184ae527ff548a59728eb6fe69f08c5518ba4b66ad1a0925316a1700607cdf9068ffafafc1c1b58bc12f5b

    • SSDEEP

      768:FcDWNKqCcjAPj5qBPhvXh2gf0854TC3E9zpKMMYj1MYgFMRx:kgjCcjAPj5yPhvXHF54TLp2Yj1M7MD

    Score
    5/10

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral12

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit3Builder/Build/LB3_ReflectiveDll_DllMain.dll

    • Size

      107KB

    • MD5

      660679f8d44100cd240add9862598d66

    • SHA1

      afca2fd0af09265e099e8cf5b898ea45f01f288a

    • SHA256

      6667b29705a3c882d536589dc9d7193725ecdbc42c8bb0cc60f3c9d6d0240275

    • SHA512

      d347ed75a08678af1eb449230f437d6f0fb3da6f98a6f7d36eaf73c7cd1399ec9712b940b370a92fa9b8d6a2ece5c607e86ecbfa12cc6cda3df85d66475091dd

    • SSDEEP

      3072:n9bfmBYtGb2kZlBmLmmnFPNeSDkDqS4AJ:n9ptGakZlsLXFISDzAJ

    Score
    10/10
    lockbitransomwarespywarestealer

    • Lockbit

      Ransomware family with multiple variants released since late 2019.

      ransomwarelockbit

    • Renames multiple (365) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral13

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit3Builder/Build/LB3_Rundll32.dll

    • Size

      152KB

    • MD5

      6af251afa3468ac14d63b0ee96acf337

    • SHA1

      b9f28640e74b50a487c71b3d866a5a9905e79077

    • SHA256

      d146fc2a8a8be652bbaaf711d3f4861de2f859192e8e90a8d03b6ffd4bcece46

    • SHA512

      84a5958c0d46b464f1b5e6d3164b69533ca2950aa35df4fd36bbfbf479ef780fc619904a08d2bf65835a09552f0663c8847471b565859d84b684247a4eb3fe6b

    • SSDEEP

      3072:1T0IRcT5h98vy7aF5y9vYNahEvM1kiXo7CAyXwptXpEKAoiO3pwBmrkllnYgrwoW:1T5CTL98vy7anEvY8hEvM1kiXolyXwpp

    Score
    1/10
    behavioral14

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit3Builder/Build/LB3_Rundll32_pass.dll

    • Size

      148KB

    • MD5

      93046eb83f029ea9dc24522e88cfe75e

    • SHA1

      fe73ccfbb8c3a124a884f19b5149224265ca59e9

    • SHA256

      b530be92d5785dbf1446d898c04702b33c58b985a2a29f6131688badf6b6ee56

    • SHA512

      666be29c79db61eaf6d291de9e3cf6a47438d961ede6b56edc6ff98ca6256341e39a9ca9f177244dc4e83e6c43599b0395c81647ce60c874d1b057994cef41f8

    • SSDEEP

      3072:+R/3wDb7wo0h86nHjVzmGzzAAIGMaoz8o077WLm+BzuSeqIHGJLO:y3cwXhBDVzmYMAIdP0/kbzu9qImJy

    Score
    10/10
    lockbitransomware

    • Lockbit

      Ransomware family with multiple variants released since late 2019.

      ransomwarelockbit

    • Rule to detect Lockbit 3.0 ransomware Windows payload

    behavioral15

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit3Builder/Build/LB3_pass.exe

    • Size

      149KB

    • MD5

      7a9c8d168cbd79477a23f995fcef37b7

    • SHA1

      bda1ac31cc3b9087e6ab2696f3e956c034f481dc

    • SHA256

      9cadbedcd88c2005cbaddb3c9a3dc7baae32ee50d1893a7cefd12261dbf69c62

    • SHA512

      222c5c1e8054c00b0d5d5a5c4f12c06ce3b792c230d2c5293752dcca247c73b336da8756f6762fc3fc8bb85aa9d08f9a4c793b8843b578ac1fb37925821c4ef7

    • SSDEEP

      3072:5MKDtv/cqFbkyAD8UvR3rO4H9TKvfpN7pLXyKuwYXAlboLU/ux0feApQ:mKDhzFlADRvRi7fp55l8AFoLU/KZA6

    Score
    10/10
    lockbitransomware

    • Lockbit

      Ransomware family with multiple variants released since late 2019.

      ransomwarelockbit

    • Rule to detect Lockbit 3.0 ransomware Windows payload

    behavioral16

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit3Builder/builder.exe

    • Size

      470KB

    • MD5

      8c689dc9e82c9356b990d2b67b4943e1

    • SHA1

      6bdc415b9c356bbeaea75c7336cd72910b95a644

    • SHA256

      e8e2deb0a83aebb1e2cc14846bc71715343372103f279d2d1622e383fb26d6ef

    • SHA512

      fb38a79dbcebde149736d5e1ca37dc15d274838be304d3f86e992d610b50c31d7fe4c30f6697c890f3753443af16eab712aef3f8da88d76ed00790083deb51e4

    • SSDEEP

      12288:7tDkI5O/1MHOvEIfRfaXNCTL98vy7anEvY86vM1kiY4XotXpEKAoiO5wBmrkAUfM:7tQcOdu4BcCTL98vy7anEvY86vM1kiYt

    Score
    1/10
    behavioral17

    • Target

      LockBit-Black-Builder-main/LockBit-Black-Builder-main/LockBit3Builder/keygen.exe

    • Size

      31KB

    • MD5

      5e28c7c900e4dce08366051c22f07f84

    • SHA1

      ec03fd1551d31486e2f925d9c2db3b87ffcd7018

    • SHA256

      bb76f4d10ec2c1d24be904d2ee078f34a6b5bd11f3b40f295e116fea44824b89

    • SHA512

      fb45d7466d8a979ca78202be20175585e8d560a4cfcc81d3ef15edeb2d292cb5a05cdb93718cef685f1c8ee94cabf6c35ff010785d774057d045ba7b8a478a1e

    • SSDEEP

      768:F6+T41GjHbdWCWDwDD01riWpJxKpAQJs/3JGIDLQH:E+U+hHIBpJxixgQ

    Score
    1/10
    behavioral18

MITRE ATT&CK Enterprise v15

Tasks