General

  • Target

    2024-06-20_db9379bd788bc568f40eecb0e7c7ec95_lockbit

  • Size

    959KB

  • MD5

    db9379bd788bc568f40eecb0e7c7ec95

  • SHA1

    31dbb4bfc11550c79063cbb7d609c901792f23c1

  • SHA256

    fae1ac30a953ac7673b92a6acf8b9d4355c2753c61140be4cd4b85e5b2a380ef

  • SHA512

    ba411dfe70d51beade794605efe0653382782d30dd81718271f640434457e8c6b6822ab7326ded67652f43019dff7b0a8c1b1aa84b5a2351842159e0c482372c

  • SSDEEP

    24576:cLjr3s2nScu1i1tz3f++5kRzFxk7rMxNeR1R9qpdOF:mjrc2So1Ff+B3k7960

Score
10/10

Malware Config

Signatures

  • Detects Windows executables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-06-20_db9379bd788bc568f40eecb0e7c7ec95_lockbit
    .exe windows:5 windows x86 arch:x86

