35f214fa6a78fbca33edaac9e2437251b350e16cc4dc4dbccf0195809ba2363f | Triage

Sharing

General

Target

OsLock.exe
Size

334KB
Sample

240806-lk36wszcnc
MD5

6b157e030846c5d329e9c1b1cd5654dc
SHA1

2881f5f1e54a61b27aed256c76e693b5fcd32d23
SHA256

35f214fa6a78fbca33edaac9e2437251b350e16cc4dc4dbccf0195809ba2363f
SHA512

b49563c0a1888f1d1ae226bf9f5450b48a55dd8d40bd35bbbe10caef6cf964852aabd43639c6559b196dcf865983fa8cfbb3887b337ff9e2a8bc5f078f953a25
SSDEEP

6144:JdnRydPc4IvjTZlyZsDDyr3rGUS3YzUCpM69/KImQi/6ebo:zAlc4IrTZlyGDcM3

Score

6^/10

defense_evasion persistence

Malware Config

Targets

- Target
  
  OsLock.exe
- Size
  
  334KB
- MD5
  
  6b157e030846c5d329e9c1b1cd5654dc
- SHA1
  
  2881f5f1e54a61b27aed256c76e693b5fcd32d23
- SHA256
  
  35f214fa6a78fbca33edaac9e2437251b350e16cc4dc4dbccf0195809ba2363f
- SHA512
  
  b49563c0a1888f1d1ae226bf9f5450b48a55dd8d40bd35bbbe10caef6cf964852aabd43639c6559b196dcf865983fa8cfbb3887b337ff9e2a8bc5f078f953a25
- SSDEEP
  
  6144:JdnRydPc4IvjTZlyZsDDyr3rGUS3YzUCpM69/KImQi/6ebo:zAlc4IrTZlyGDcM3
Score

6^/10

defense_evasion persistence
- Adds Run key to start application
  persistence
- Hide Artifacts: Hidden Files and Directories
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionpersistence