General
-
Target
sizeTitleVariable.hta
-
Size
3KB
-
Sample
210505-9r8r3j9xxn
-
MD5
89839109321fbc3a3fe65e7ac7a2d04d
-
SHA1
70d35025dc06c3cfaae47b0ce3cd4883531afca2
-
SHA256
854714aa6bb0d8bd26a5c7ffbc3bcb394c828fdaa169711656e8349979e8b404
-
SHA512
2f6a6567b2743575b594f1f06382aed996b7d19aca0946a5828bdf294a6c4ed8e04703eba61344a4a99e0110ba2190d0ae2d1e06cc6eced79cbd565e0f0df740
Static task
static1
Behavioral task
behavioral1
Sample
sizeTitleVariable.hta
Resource
win7v20210408
Behavioral task
behavioral2
Sample
sizeTitleVariable.hta
Resource
win10v20210410
Malware Config
Extracted
icedid
1386562008
zasertiokil.top
Targets
-
-
Target
sizeTitleVariable.hta
-
Size
3KB
-
MD5
89839109321fbc3a3fe65e7ac7a2d04d
-
SHA1
70d35025dc06c3cfaae47b0ce3cd4883531afca2
-
SHA256
854714aa6bb0d8bd26a5c7ffbc3bcb394c828fdaa169711656e8349979e8b404
-
SHA512
2f6a6567b2743575b594f1f06382aed996b7d19aca0946a5828bdf294a6c4ed8e04703eba61344a4a99e0110ba2190d0ae2d1e06cc6eced79cbd565e0f0df740
Score10/10-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-