Behavioral task
behavioral1
Sample
LB3.exe
Resource
win11-20241007-en
General
-
Target
LB3.exe
-
Size
153KB
-
MD5
b5274494c0f741ee41253bf00a69bbee
-
SHA1
57291aaafa094c834312ba9479c029fee64eafec
-
SHA256
0f167bb868db3803ef173ce5fadfe833481e4795ca71c2783e136510c5e7a805
-
SHA512
cd95ed3d750e9625c253f16798e48b170a0864db455d3718be10c402b5770bf9350d1319dab8419c59a636ffbb8a463d1fe5aecdbf53e95bf9d7684f543c1600
-
SSDEEP
1536:0zICS4AAwczUUf8y8gvMH+1zGSNAojMP95D1xDBVAlVdhpOs7xuTdiK9IQlG1RUk:bqJogYkcSNm9V7DBVApOstuTkKnG7T
Malware Config
Signatures
-
Lockbit family
-
Rule to detect Lockbit 3.0 ransomware Windows payload 1 IoCs
resource yara_rule sample family_lockbit -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource LB3.exe
Files
-
LB3.exe.exe windows:5 windows x86 arch:x86
914685b69f2ac2ff61b6b0f1883a054d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SetPixel
GetPixel
SelectPalette
SelectObject
GetTextColor
BitBlt
GetDeviceCaps
CreateSolidBrush
CreateFontW
CreateDIBitmap
user32
LoadMenuW
LoadImageW
CreateDialogParamW
CreateWindowExW
DefWindowProcW
GetDlgItem
IsDlgButtonChecked
kernel32
GetLastError
GetProcAddress
GetModuleHandleA
GetLocaleInfoW
FreeLibrary
GetFileAttributesW
GetCommandLineW
GetCommandLineA
Sections
.text Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.itext Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ