340767f30b837ececdb8b5400264c2a539167f272b7240178f52937dace02255 | Triage

Sharing

General

Target

2024-09-21_13bd32cddf17c304c2d7fe9a8ccaf9fd_lockbit
Size

59KB
Sample

240921-vznjestgpa
MD5

13bd32cddf17c304c2d7fe9a8ccaf9fd
SHA1

30cc89bd848227473d72009f145f040ef8304357
SHA256

340767f30b837ececdb8b5400264c2a539167f272b7240178f52937dace02255
SHA512

2b0cffd5a597cd985dbe9b73f9409725e3df547fcdfb3ddac562e590719be1b2d8e8083b48b2967e4faaf05db315bf96745d25b1f9cc62c44271cbbf1e999357
SSDEEP

1536:h/6A0q5HDR4oWBx3xrBx41z8Qc0YDkvvvvvvvvvvvvvvvvvv6J9B:96G5HOoWBx3xrBx41z8Qc0KBJ9B

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  2024-09-21_13bd32cddf17c304c2d7fe9a8ccaf9fd_lockbit
- Size
  
  59KB
- MD5
  
  13bd32cddf17c304c2d7fe9a8ccaf9fd
- SHA1
  
  30cc89bd848227473d72009f145f040ef8304357
- SHA256
  
  340767f30b837ececdb8b5400264c2a539167f272b7240178f52937dace02255
- SHA512
  
  2b0cffd5a597cd985dbe9b73f9409725e3df547fcdfb3ddac562e590719be1b2d8e8083b48b2967e4faaf05db315bf96745d25b1f9cc62c44271cbbf1e999357
- SSDEEP
  
  1536:h/6A0q5HDR4oWBx3xrBx41z8Qc0YDkvvvvvvvvvvvvvvvvvv6J9B:96G5HOoWBx3xrBx41z8Qc0KBJ9B
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Impair Defenses: Safe Mode Boot
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Safe Mode Boot

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery