352b8017a3bd2a1890985f73e5f09c962576ea437ee7fb3a111921760661eec5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-09_40a597576a9556281e438482cd727cd4_lockbit
Size

32KB
Sample

241009-hc784atapc
MD5

40a597576a9556281e438482cd727cd4
SHA1

98451cbc7f40168c996650d2b61f489dc673cc1e
SHA256

352b8017a3bd2a1890985f73e5f09c962576ea437ee7fb3a111921760661eec5
SHA512

8f9cc45f9e833bbe429c428e01827fa3c7c8ba2a175dc5952cff64d90365d0342810d0bcac57664152cb6e805b845fd21eaee3a09082e4f3b78c6e604d1c1c7f
SSDEEP

768:5F2jccRV0SOZ4Okd5uIuEnMAnHw7waN8BB5Ix4PC74801bK:/yV0SO2Okd5uQBrakBGx40480xK

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  2024-10-09_40a597576a9556281e438482cd727cd4_lockbit
- Size
  
  32KB
- MD5
  
  40a597576a9556281e438482cd727cd4
- SHA1
  
  98451cbc7f40168c996650d2b61f489dc673cc1e
- SHA256
  
  352b8017a3bd2a1890985f73e5f09c962576ea437ee7fb3a111921760661eec5
- SHA512
  
  8f9cc45f9e833bbe429c428e01827fa3c7c8ba2a175dc5952cff64d90365d0342810d0bcac57664152cb6e805b845fd21eaee3a09082e4f3b78c6e604d1c1c7f
- SSDEEP
  
  768:5F2jccRV0SOZ4Okd5uIuEnMAnHw7waN8BB5Ix4PC74801bK:/yV0SO2Okd5uQBrakBGx40480xK
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery