General

  • Target

    b2c3beda4b000a3d9af0a457d6d942ec81696f3ed485f7cf723b18008a5f3d10

  • Size

    139KB

  • MD5

    c9c2f3805f0012628e9d62e8f75af4dd

  • SHA1

    b6269b1fc8813b93c11ec6066dc33d9f99f2e431

  • SHA256

    b2c3beda4b000a3d9af0a457d6d942ec81696f3ed485f7cf723b18008a5f3d10

  • SHA512

    ed4cb425807bbef4da92fe9e17b78746e096612e6006521279162379b2fc65f8dec7647e9c5403c6a74e6eb9b61dce7ca1c74c65d77aafbd0719be79cb1d70ff

  • SSDEEP

    3072:pYWJsCuSlRODbWhyyZZsZ77n4s31uZzd2ppyMPOLOcrgCz:pbuSlicZyx4W1uLYpyMPOLjhz

Score
10/10

Malware Config

Extracted

Family

blackmatter

Version

65.239

Signatures

  • Blackmatter family
  • Lockbit family
  • Rule to detect Lockbit 3.0 ransomware Windows payload 1 IoCs
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • b2c3beda4b000a3d9af0a457d6d942ec81696f3ed485f7cf723b18008a5f3d10
    .7z

    Password: infected

  • LBLeak/Build.bat
  • LBLeak/builder.exe
    .exe windows:5 windows x86 arch:x86

    d2e26e45dcb84f1062f90f29a9cf0faa


    Headers

    Imports

    Sections

  • LBLeak/config.json
  • LBLeak/keygen.exe
    .exe windows:5 windows x86 arch:x86

    73eeda700d0a0376845c61c44155f4a8


    Headers

    Imports

    Sections