d8791625d86dff22d527f72b69d314f9a34e88d1129e3ef1d29e040fcb433208 | Triage

Sharing

General

Target

2024-09-21_c1e80dc69b7b74cc5eac95c315d62d83_lockbit
Size

37KB
Sample

240921-e3egxsvenh
MD5

c1e80dc69b7b74cc5eac95c315d62d83
SHA1

531b5886d64ce1a228ea921999fb593396943325
SHA256

d8791625d86dff22d527f72b69d314f9a34e88d1129e3ef1d29e040fcb433208
SHA512

391c48bf1110d4b02f8aa15029e362a6ee3121b37057b6dbf936dfe451ed1f4c5855f4f22edbffe8175f25fea4eaaf9e41627e28b1db6d5663554fba3d11687d
SSDEEP

768:ETEjmqVxAxuZY9AldyQSRA2wnXw/uaLoBB5Ux4PC74801h2w:cgxAxuW2ldyYvhauBSx40480Ow

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  2024-09-21_c1e80dc69b7b74cc5eac95c315d62d83_lockbit
- Size
  
  37KB
- MD5
  
  c1e80dc69b7b74cc5eac95c315d62d83
- SHA1
  
  531b5886d64ce1a228ea921999fb593396943325
- SHA256
  
  d8791625d86dff22d527f72b69d314f9a34e88d1129e3ef1d29e040fcb433208
- SHA512
  
  391c48bf1110d4b02f8aa15029e362a6ee3121b37057b6dbf936dfe451ed1f4c5855f4f22edbffe8175f25fea4eaaf9e41627e28b1db6d5663554fba3d11687d
- SSDEEP
  
  768:ETEjmqVxAxuZY9AldyQSRA2wnXw/uaLoBB5Ux4PC74801h2w:cgxAxuW2ldyYvhauBSx40480Ow
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery