e05e3af5b9fe30f9efb2e719d797612b511b6c603060af9a55127375f1076ee3 | Triage

Sharing

General

Target

2024-09-21_02eaf054d741c5cdf530c6bb917dd762_lockbit
Size

136KB
Sample

240921-qznf7svekb
MD5

02eaf054d741c5cdf530c6bb917dd762
SHA1

db68ff91ff5c5db354bf7dc20614590058f49ab0
SHA256

e05e3af5b9fe30f9efb2e719d797612b511b6c603060af9a55127375f1076ee3
SHA512

d98976dca558269a9e50a057e8e108cf78aeff2f73e875f9a3570264cbd43246227949811585a0467b481a3a6ebdf85278888cee57541a36067dbe68abe43696
SSDEEP

1536:Vf/zuJmTn2lvpSzyOvBWg8g3xeevKE2j5uQHd:pzHTn2lvpfg8g3xeevKE2j5uod

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  2024-09-21_02eaf054d741c5cdf530c6bb917dd762_lockbit
- Size
  
  136KB
- MD5
  
  02eaf054d741c5cdf530c6bb917dd762
- SHA1
  
  db68ff91ff5c5db354bf7dc20614590058f49ab0
- SHA256
  
  e05e3af5b9fe30f9efb2e719d797612b511b6c603060af9a55127375f1076ee3
- SHA512
  
  d98976dca558269a9e50a057e8e108cf78aeff2f73e875f9a3570264cbd43246227949811585a0467b481a3a6ebdf85278888cee57541a36067dbe68abe43696
- SSDEEP
  
  1536:Vf/zuJmTn2lvpSzyOvBWg8g3xeevKE2j5uQHd:pzHTn2lvpfg8g3xeevKE2j5uod
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Impair Defenses: Safe Mode Boot
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Safe Mode Boot

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery