del
gdel
gdll
gmod
pmod
sdll
wdll
General
-
Target
Builds.7z
-
Size
1.8MB
-
MD5
484933f81970182e04f190efe2527da1
-
SHA1
72f0810a0ab7f1398ba9f0b0916ee97115e79cc4
-
SHA256
3968a850f5bc70d954bb5609d929f181a6f05a117fa3be4531cbd96cedfde5d6
-
SHA512
d9d5d96e13201de976d23783e077bb1f95af3946a44bd1347d637893e471eefed5d9b0de4a7d84d8d2040decf8cea4e3de83555b2424e58ebbc1c7eb4881e37a
-
SSDEEP
49152:bor7D7eZFTWD/gjKZ4FhydMzOoSGSW7TeXY:UfeZFT48HSCilTWB
Score
10/10
Malware Config
Signatures
-
Lockbit family
-
Rule to detect Lockbit 3.0 ransomware Windows payload 3 IoCs
-
Unsigned PE 7 IoCs
Checks for missing Authenticode signature.
Files
-
Builds.7z
Password: infected
-
Builds/ESXi_vx-_____________329D6F9DDBF138D4_19.12.24_i_love_anime.zip
Password: infected
-
329D6F9DDBF138D4/locker_ESXI_I386
-
329D6F9DDBF138D4/locker_ESXI_X64
-
Builds/LBB_vx-_____________07AAB9B790E0235B_19.12.24_hacking_is_bad.zip
Password: infected
-
LBB.exe
Password: infected
3bc510de773c954bd69d33670cb624d6
Headers
Imports
Sections
-
LBB_PS1.ps1
-
LBB_PS1_obfuscated.ps1
-
LBB_PS1_pass.ps1
-
LBB_ReflectiveDll_DllMain.dll
Password: infected
bfce782cfa0e2f22c598571118d3f91d
Headers
Imports
Sections
-
LBB_Rundll32.dll
Password: infected
a6e537c4400191f066a8ccb2bd93aeb1
Headers
Imports
Exports
Sections
-
LBB_Rundll32_pass.dll
Password: infected
a6e537c4400191f066a8ccb2bd93aeb1
Headers
Imports
Exports
Sections
-
LBB_pass.exe
Password: infected
3bc510de773c954bd69d33670cb624d6
Headers
Imports
Sections
-
Password_dll.txt
-
Password_exe.txt
-
Password_ps1.txt
-
Builds/LBG_vx-_____________FC8E43EC21BE9047_19.12.24_hacking_is_illegal_ok.zip
Password: infected
-
FC8E43EC21BE9047/lbg32.exe
Headers
Sections
-
FC8E43EC21BE9047/lbg64.exe
Headers
Sections
-
Builds/LBL_vx-_____________1007BF65F80311D2_19.12.24_hacking_is_illegal_and_for_nerds.zip