General

  • Target

    2024-05-24_50c99f0f89e655b06b697204fe2fd58c_lockbit

  • Size

    959KB

  • MD5

    50c99f0f89e655b06b697204fe2fd58c

  • SHA1

    d73fb84d8c0562967903467e5e0ad3cac70a18ca

  • SHA256

    03eff9160daf35ee6e3450095c245a20998a3d57e442fe9d6e987fd5d805fd15

  • SHA512

    d72345da4ac5d71640357a0b5a3a3910021665597ce3fb38f4e083c67bd30f2a54945111de6ee07ef6f7c303c56a83276ee53c5773d133f450e286aed3bf4630

  • SSDEEP

    24576:uLjr3s2nScu1i1tz3f++5kRzFxk7rMxNeR1R9qpdo:Ujrc2So1Ff+B3k796i

Score
10/10

Malware Config

Signatures

  • Detects Windows executables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-05-24_50c99f0f89e655b06b697204fe2fd58c_lockbit
    .exe windows:5 windows x86 arch:x86

    216df81b1ef7bc2aa8ec52bbeef137c9

