1396c36bd9947e858d503ec00dcf9cc329a1a142ba5091a03fd12cfa79144e3a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-09_d19d3e4ac58a2d4639137adf919863d1_lockbit
Size

55KB
Sample

240909-mpqa9swdja
MD5

d19d3e4ac58a2d4639137adf919863d1
SHA1

6ef033ef0765ab13c8fa883e35264a9c608c3c6f
SHA256

1396c36bd9947e858d503ec00dcf9cc329a1a142ba5091a03fd12cfa79144e3a
SHA512

04ea190abe50542cf66ddf49bb62eb872465bdb2b3d5989d07452ac18d2808e898366b1aaf451a6b1409916a918c1e388238fda302a2482a0d11f407ef30d389
SSDEEP

768:QFOj0Pkj5ModZ4h2wd8iGjqW7AnHvtMaWRBB5sx4PC74801wSmY8u07uKL74kJGQ:GHE5Mod2kwd8L4qa4Bax40480pWFE2

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  2024-09-09_d19d3e4ac58a2d4639137adf919863d1_lockbit
- Size
  
  55KB
- MD5
  
  d19d3e4ac58a2d4639137adf919863d1
- SHA1
  
  6ef033ef0765ab13c8fa883e35264a9c608c3c6f
- SHA256
  
  1396c36bd9947e858d503ec00dcf9cc329a1a142ba5091a03fd12cfa79144e3a
- SHA512
  
  04ea190abe50542cf66ddf49bb62eb872465bdb2b3d5989d07452ac18d2808e898366b1aaf451a6b1409916a918c1e388238fda302a2482a0d11f407ef30d389
- SSDEEP
  
  768:QFOj0Pkj5ModZ4h2wd8iGjqW7AnHvtMaWRBB5sx4PC74801wSmY8u07uKL74kJGQ:GHE5Mod2kwd8L4qa4Bax40480pWFE2
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery