blackmatter | 1d6561c4714fadf16bcfb244a5444a959a953424d8e2c6acca6ccb2e20117e74 | Triage

Submit
Reports

Overview

overview

Static

static

1

LockBit30.7z

windows10-ltsc 2021-x64

Resubmissions

05-02-2025 10:53

250205-mze82stkcs 1

01-02-2025 17:51

250201-wfja2atkdy 10

Sharing

General

Target

LockBit30.7z
Size

144KB
Sample

250201-wfja2atkdy
MD5

ecad36ec22515adac1190a6a46c78fb7
SHA1

4f3507c3432a86df0d8eb02ea71eb1a884860724
SHA256

1d6561c4714fadf16bcfb244a5444a959a953424d8e2c6acca6ccb2e20117e74
SHA512

2b3edcde3bf96aaf7869d64226ee1bc97ee0956a52ff63bec9309d9916504298c24eb843901c334f76b1713996a7cd74676ddf3b24e633f8981cb5031a60dd12
SSDEEP

3072:2rpwUBhAR0Kz0TO+/nB6thtGnp0gNxQ/XvE12AldjEr:2rWiuaKQ1a+p0gNxcXHgu

Score

10^/10

blackmatter lockbit discovery persistence privilege_escalation ransomware

Static task

static1

Behavioral task

behavioral1

Sample

LockBit30.7z

Resource

win10ltsc2021-20250128-en

blackmatter lockbit discovery persistence privilege_escalation ransomware

windows10-ltsc 2021-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

blackmatter

Version

25.239

Targets

- Target
  
  LockBit30.7z
- Size
  
  144KB
- MD5
  
  ecad36ec22515adac1190a6a46c78fb7
- SHA1
  
  4f3507c3432a86df0d8eb02ea71eb1a884860724
- SHA256
  
  1d6561c4714fadf16bcfb244a5444a959a953424d8e2c6acca6ccb2e20117e74
- SHA512
  
  2b3edcde3bf96aaf7869d64226ee1bc97ee0956a52ff63bec9309d9916504298c24eb843901c334f76b1713996a7cd74676ddf3b24e633f8981cb5031a60dd12
- SSDEEP
  
  3072:2rpwUBhAR0Kz0TO+/nB6thtGnp0gNxQ/XvE12AldjEr:2rWiuaKQ1a+p0gNxcXHgu
Score

10^/10

blackmatter lockbit discovery persistence privilege_escalation ransomware
- BlackMatter Ransomware
  BlackMatter ransomware group claims to be Darkside and REvil succesor.
  ransomware blackmatter
- Blackmatter family
  blackmatter
- Lockbit
  Ransomware family with multiple variants released since late 2019.
  ransomware lockbit
- Lockbit family
  lockbit
- Rule to detect Lockbit 3.0 ransomware Windows payload
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmatterlockbitdiscoverypersistenceprivilege_escalationransomware

© 2018-2025

Terms | Privacy