Understanding LockBit Ransomware: TTPs and Behavioral Insights for Effective Defense
Common Information
Type Value
UUID 7ffb9639-cfb1-4a4d-a82f-bb01d24c6ca7
Fingerprint 475b7cfa0bbc2cfb3a753298111e184c015d6e143d033117cf2de618f3f723e1
Analysis status DONE
Considered CTI value 2
Text language
Published July 20, 2023, 2:02 p.m.
Added to db Nov. 17, 2024, 6:53 p.m.
Last updated Nov. 17, 2024, 6:57 p.m.
Headline Understanding LockBit Ransomware: TTPs and Behavioral Insights for Effective Defense
Title Understanding LockBit Ransomware: TTPs and Behavioral Insights for Effective Defense
Detected Hints/Tags/Attributes 318/4/158
Attributes
Details Type #Events CTI Value
Details CVE 115
cve-2023-0669
Details CVE 140
cve-2023-27350
Details CVE 397
cve-2021-44228
Details CVE 31
cve-2021-22986
Details CVE 217
cve-2020-1472
Details CVE 197
cve-2019-0708
Details CVE 150
cve-2018-13379
Details CVE 54
cve-2023-27351
Details Domain 22
www.logpoint.com
Details Domain 28
dl.dropboxusercontent.com
Details Domain 358
pastebin.com
Details Domain 14
githubusercontent.com
Details Domain 112
cdn.discordapp.com
Details Domain 26
mediafire.com
Details Domain 10
userstorage.mega.co.nz
Details Domain 77
mega.nz
Details Domain 41
ddns.net
Details Domain 45
paste.ee
Details Domain 8
hastebin.com
Details Domain 4
ghostbin.co
Details Domain 18
ufile.io
Details Domain 24
anonfiles.com
Details Domain 13
send.exploit.in
Details Domain 71
transfer.sh
Details Domain 10
privatlab.net
Details Domain 8
privatlab.com
Details Domain 29
sendspace.com
Details Domain 5
pastetext.net
Details Domain 10
pastebin.pl
Details Domain 145
api.telegram.org
Details Domain 6
dropboxusercontent.com
Details File 39
www.log
Details File 4
123.bat
Details File 323
winword.exe
Details File 199
excel.exe
Details File 92
powerpnt.exe
Details File 102
mspub.exe
Details File 86
visio.exe
Details File 173
outlook.exe
Details File 91
msaccess.exe
Details File 57
eqnedt32.exe
Details File 74
onenote.exe
Details File 2125
cmd.exe
Details File 1208
powershell.exe
Details File 35
pwsh.exe
Details File 376
wscript.exe
Details File 155
cscript.exe
Details File 16
sh.exe
Details File 17
bash.exe
Details File 23
scrcons.exe
Details File 249
schtasks.exe
Details File 459
regsvr32.exe
Details File 34
hh.exe
Details File 240
wmic.exe
Details File 456
mshta.exe
Details File 1018
rundll32.exe
Details File 269
msiexec.exe
Details File 33
forfiles.exe
Details File 16
scriptrunner.exe
Details File 12
mftrace.exe
Details File 13
appvlp.exe
Details File 1122
svchost.exe
Details File 149
msbuild.exe
Details File 11
pc-app.exe
Details File 312
calc.exe
Details File 226
certutil.exe
Details File 59
csc.exe
Details File 172
dllhost.exe
Details File 5
wsl.exe
Details File 30
ftp.exe
Details File 20
c:\windows\system32\conhost.exe
Details File 31
c:\windows\system32\wbem\wmic.exe
Details File 4
c:\windows\syswow64\wbem\wmic.exe
Details File 9
c:\windows\system32\werfault.exe
Details File 8
c:\windows\syswow64\werfault.exe
Details File 165
reg.exe
Details File 256
net.exe
Details File 48
net1.exe
Details File 3
cmlua.dll
Details File 8
cmstplua.dll
Details File 1
cmluautil.dll
Details File 47
cmstp.exe
Details File 5
cmmgr32.exe
Details File 95
wevtutil.exe
Details File 81
werfault.exe
Details File 76
mimikatz.exe
Details File 478
lsass.exe
Details File 62
whoami.exe
Details File 49
nltest.exe
Details File 51
ipconfig.exe
Details File 61
systeminfo.exe
Details File 11
route.exe
Details File 17
quser.exe
Details File 12
qwinsta.exe
Details File 46
netstat.exe
Details File 10
nbtstat.exe
Details File 40
7z.exe
Details File 7
7zr.exe
Details File 42
7za.exe
Details File 22
runonce.exe
Details File 137
conhost.exe
Details File 37
rclone.exe
Details File 6
megasync.exe
Details File 8
pastebin.pl
Details File 345
vssadmin.exe
Details File 23
diskshadow.exe
Details File 43
wbadmin.exe
Details MITRE ATT&CK Techniques 235
T1562
Details MITRE ATT&CK Techniques 168
T1046
Details MITRE ATT&CK Techniques 141
T1219
Details MITRE ATT&CK Techniques 298
T1562.001
Details MITRE ATT&CK Techniques 124
T1482
Details MITRE ATT&CK Techniques 50
T1072
Details MITRE ATT&CK Techniques 289
T1003
Details MITRE ATT&CK Techniques 31
T1071.002
Details MITRE ATT&CK Techniques 100
T1567.002
Details MITRE ATT&CK Techniques 159
T1095
Details MITRE ATT&CK Techniques 173
T1003.001
Details MITRE ATT&CK Techniques 125
T1555.003
Details MITRE ATT&CK Techniques 95
T1572
Details MITRE ATT&CK Techniques 1006
T1082
Details MITRE ATT&CK Techniques 160
T1021.001
Details MITRE ATT&CK Techniques 442
T1071.001
Details MITRE ATT&CK Techniques 92
T1048
Details MITRE ATT&CK Techniques 183
T1189
Details MITRE ATT&CK Techniques 542
T1190
Details MITRE ATT&CK Techniques 191
T1133
Details MITRE ATT&CK Techniques 409
T1566
Details MITRE ATT&CK Techniques 306
T1078
Details MITRE ATT&CK Techniques 333
T1059.003
Details MITRE ATT&CK Techniques 174
T1569.002
Details MITRE ATT&CK Techniques 239
T1106
Details MITRE ATT&CK Techniques 460
T1059.001
Details MITRE ATT&CK Techniques 310
T1047
Details MITRE ATT&CK Techniques 207
T1547
Details MITRE ATT&CK Techniques 380
T1547.001
Details MITRE ATT&CK Techniques 78
T1548
Details MITRE ATT&CK Techniques 29
T1484.001
Details MITRE ATT&CK Techniques 44
T1134.001
Details MITRE ATT&CK Techniques 86
T1548.002
Details MITRE ATT&CK Techniques 18
T1480.001
Details MITRE ATT&CK Techniques 92
T1070.001
Details MITRE ATT&CK Techniques 297
T1070.004
Details MITRE ATT&CK Techniques 627
T1027
Details MITRE ATT&CK Techniques 160
T1027.002
Details MITRE ATT&CK Techniques 28
T1027.007
Details MITRE ATT&CK Techniques 52
T1622
Details MITRE ATT&CK Techniques 550
T1112
Details MITRE ATT&CK Techniques 125
T1110
Details MITRE ATT&CK Techniques 33
T1614.001
Details MITRE ATT&CK Techniques 139
T1021.002
Details MITRE ATT&CK Techniques 116
T1560.001
Details MITRE ATT&CK Techniques 126
T1567
Details MITRE ATT&CK Techniques 93
T1485
Details MITRE ATT&CK Techniques 472
T1486
Details MITRE ATT&CK Techniques 30
T1491.001
Details MITRE ATT&CK Techniques 276
T1490
Details MITRE ATT&CK Techniques 197
T1489