LockBit Ransomware Analysis
Added 2023-01-04 17:34:37 +0000 UTCThe LockBit Ransomware is being spread through a malicious XLL document, which is a Dynamic Link Library (DLL) file that adds additional functionality to Microsoft Excel. To start the malware analysis, we will take a closer look at the XLL document to determine the malicious code it contains. The XLL document is designed to execute a dropper binary, which is a type of malicious software designed to install additional malicious code onto the victim's system. After it has been executed, the dropper binary will install the LockBit Ransomware onto the victim's system and begin encrypting their files.
