One Article Review
| Source |  Malware Hell |
|---|---|
| Identifiant | 8314737 |
| Date de publication | 2022-07-13 00:00:00 (vue: 2023-03-01 20:12:23) |
| Titre | Reversing Additional Lockbit 3.0 API Hashing |
| Texte | I was watching @herrcore’s OALabs stream on Lockbit 3.0. After he wrote a utility to decrypt additional data from the ransomware, he noticed one of the buffers was a Portable Executable (PE) file. It had an interesting API hashing routine, we would be reversing for the next stream. I decided to have a closer look. 😄 Analysis This is an interesting sample, I have not mapped out its full functionality yet. |
| Envoyé | Oui |
| Condensat | NoVal |
| Tags | |
| Stories | |
| Notes | ★★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.