045ca99c9e484a973e4bd404fbbdcc6dca7573d768961123f44d8545d66cdace | Triage

Sharing

General

Target

2024-10-12_789eeeba04ac520bdf118659020cde7a_lockbit
Size

276KB
Sample

241012-fmjblsvckg
MD5

789eeeba04ac520bdf118659020cde7a
SHA1

333adcbc1b985154bc73b5bdbddbfff18f2468e1
SHA256

045ca99c9e484a973e4bd404fbbdcc6dca7573d768961123f44d8545d66cdace
SHA512

49e462ac567318cdb71708692b05241076ea847ca470ec296f9339698e4665cf98ee12c25f8e4469304b5e3753e77158b337a6632837663f312114e5825fe98b
SSDEEP

6144:jGpV1z8QtGpGGpV1z8Qcy1PSbOqslVC7nJUkhIeMIcC16V:qpVaRpPpVaxy0bOM7np+e31

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  2024-10-12_789eeeba04ac520bdf118659020cde7a_lockbit
- Size
  
  276KB
- MD5
  
  789eeeba04ac520bdf118659020cde7a
- SHA1
  
  333adcbc1b985154bc73b5bdbddbfff18f2468e1
- SHA256
  
  045ca99c9e484a973e4bd404fbbdcc6dca7573d768961123f44d8545d66cdace
- SHA512
  
  49e462ac567318cdb71708692b05241076ea847ca470ec296f9339698e4665cf98ee12c25f8e4469304b5e3753e77158b337a6632837663f312114e5825fe98b
- SSDEEP
  
  6144:jGpV1z8QtGpGGpV1z8Qcy1PSbOqslVC7nJUkhIeMIcC16V:qpVaRpPpVaxy0bOM7np+e31
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Impair Defenses: Safe Mode Boot
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Safe Mode Boot

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery