023334cc47ec29c06fd90e3a43acf9436e5d9e0662d9db13132f9427987ce3f2 | Triage

Sharing

General

Target

2024-10-13_57425cc19001960043854c1e143aced4_lockbit
Size

52KB
Sample

241013-kdnl7axbna
MD5

57425cc19001960043854c1e143aced4
SHA1

60f09c93a2da1cded719c7da6d006b38bcddff82
SHA256

023334cc47ec29c06fd90e3a43acf9436e5d9e0662d9db13132f9427987ce3f2
SHA512

2506957a4f342362c297e6231cf3a5f866e94476c5be24f05a2bfa15921bf449e5356fc2959b476551d8a283a07646f98ffcb10514ed24bc1bf4b4a547371f98
SSDEEP

1536:EGWpAjHIHcO+UNS8GBx3xb6x4l8QcaeWSDBPrxZaGL:Gp3HiU4PBx3xb6x4l8QcaXSRxZbL

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  2024-10-13_57425cc19001960043854c1e143aced4_lockbit
- Size
  
  52KB
- MD5
  
  57425cc19001960043854c1e143aced4
- SHA1
  
  60f09c93a2da1cded719c7da6d006b38bcddff82
- SHA256
  
  023334cc47ec29c06fd90e3a43acf9436e5d9e0662d9db13132f9427987ce3f2
- SHA512
  
  2506957a4f342362c297e6231cf3a5f866e94476c5be24f05a2bfa15921bf449e5356fc2959b476551d8a283a07646f98ffcb10514ed24bc1bf4b4a547371f98
- SSDEEP
  
  1536:EGWpAjHIHcO+UNS8GBx3xb6x4l8QcaeWSDBPrxZaGL:Gp3HiU4PBx3xb6x4l8QcaXSRxZbL
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Impair Defenses: Safe Mode Boot
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Safe Mode Boot

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery