lockbit | 30a4d2ae21ec90ebdd415b90d2fe670ac5c0ffe54d0d8f7a01a54910ba1a8c45 | Triage

Submit
Reports

Overview

overview

Static

static

3

2025-03-26...om.exe

windows10-ltsc_2021-x64

Resubmissions

28/03/2025, 22:50

250328-2r89gsvly8 10

26/03/2025, 18:56

250326-xlfmrssqz9 10

26/03/2025, 18:17

250326-wxdf4szyc1 10

Sharing

General

Target

2025-03-26_17cc347c7c544e98a18dacf02a25d619_black-basta_cobalt-strike_satacom
Size

502KB
Sample

250328-2r89gsvly8
MD5

17cc347c7c544e98a18dacf02a25d619
SHA1

263aa440a706fe3aa909fd8b212185340e7ede94
SHA256

30a4d2ae21ec90ebdd415b90d2fe670ac5c0ffe54d0d8f7a01a54910ba1a8c45
SHA512

e686ac882f4fdbe0efb0833186640d61d75b3132d026e5f2e1da35a01efca371e63cea3953a33dfb29ce130e6b3e0103bfbda099fc3da092364cc43427e15aeb
SSDEEP

6144:eo2mNDxqElXchsLP3JRBNGJLEAxSKfC5ogn3WJGBV50DErWuuzgXmPdt:eo2BYd73FWLExKfcoaWJtDTv

Score

10^/10

lockbit ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2025-03-26_17cc347c7c544e98a18dacf02a25d619_black-basta_cobalt-strike_satacom.exe

Resource

win10ltsc2021-20250314-en

lockbit ransomware

windows10-ltsc_2021-x64

16 signatures

300 seconds

Malware Config

Targets

- Target
  
  2025-03-26_17cc347c7c544e98a18dacf02a25d619_black-basta_cobalt-strike_satacom
- Size
  
  502KB
- MD5
  
  17cc347c7c544e98a18dacf02a25d619
- SHA1
  
  263aa440a706fe3aa909fd8b212185340e7ede94
- SHA256
  
  30a4d2ae21ec90ebdd415b90d2fe670ac5c0ffe54d0d8f7a01a54910ba1a8c45
- SHA512
  
  e686ac882f4fdbe0efb0833186640d61d75b3132d026e5f2e1da35a01efca371e63cea3953a33dfb29ce130e6b3e0103bfbda099fc3da092364cc43427e15aeb
- SSDEEP
  
  6144:eo2mNDxqElXchsLP3JRBNGJLEAxSKfC5ogn3WJGBV50DErWuuzgXmPdt:eo2BYd73FWLExKfcoaWJtDTv
Score

10^/10

lockbit ransomware
- Lockbit
  Ransomware family with multiple variants released since late 2019.
  ransomware lockbit
- Lockbit family
  lockbit
- Renames multiple (135) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

lockbitransomware

© 2018-2025

Terms | Privacy