84bebbe2cc14519a656dd6ee54e892191872f7122ebf53ef6b2349a5218c11e1 | Triage

Resubmissions

18/07/2024, 07:25

240718-h84wjs1hpb 10

18/07/2024, 07:19

240718-h51pqa1gng 10

17/07/2024, 20:55

240717-zqkhmaydmq 10

17/07/2024, 19:21

240717-x2pwdaycjb 10

Analysis

max time kernel
1559s
max time network
1560s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
17/07/2024, 19:21

Sharing

Report Analysis Logs

General

Target

LockedIn.exe
Size

650KB
MD5

e9e34a4dbf0c9fe5fb595b0282b0b4f0
SHA1

4f3f6bc4aff97eecb9ab52d47520e248c618da45
SHA256

613af1bf17a11dbf12849568ce08186cc4109a5cdb32d0bcce7c1bd81306f5c6
SHA512

b234f7a6fef8eb3153da20b1c9f668a8177e489817b1e7e36a572fbfc7dc3604f5cd509f5ff7087f4d3a2e3c1a5a0c7e93ae571be11c70732b1078ba8050a119
SSDEEP

12288:dl6aKEZf4r/s6IzjtyHQDWcFXXGmmBJ0d35O3CEkk4zglJaKfZf4m:dlNCr/sFFmmmHIpKCEx4sljCm

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (56) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

C:\Users\Admin\AppData\Local\Temp\LockedIn.exe
"C:\Users\Admin\AppData\Local\Temp\LockedIn.exe"
1⤵
PID:772

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\Desktop\LimitEdit.xlsx

Filesize
10KB

MD5
fedb43c651365c6d80ef42b8294a8bf3

SHA1
b16b988f389bd973acc6f05623df7189700eb700

SHA256
f4d003c4b9e0f4c40c9b7216d63ae70e2689936631f3939923b4299a53d0be94

SHA512
a5ba6efa55b8f6c3176b2099d9a714cb21d8b33c6d58574c1d5a665e5a757539a10dc753d3b585b0a41ef98f2a1a3b16d3cbdd2ac8473f8f1d3bb7d0997e0eb7

Download Submit
memory/772-0-0x000007FEF666E000-0x000007FEF666F000-memory.dmp

Filesize
4KB

Download
memory/772-1-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

Filesize
9.6MB

Download
memory/772-2-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

Filesize
9.6MB

Download
memory/772-3-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

Filesize
9.6MB

Download
memory/772-5-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

Filesize
9.6MB

Download
memory/772-4-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

Filesize
9.6MB

Download
memory/772-12-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

Filesize
9.6MB

Download
memory/772-119-0x000007FEF666E000-0x000007FEF666F000-memory.dmp

Filesize
4KB

Download
memory/772-120-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

Filesize
9.6MB

Download