General
-
Target
myLadyYou.hta
-
Size
3KB
-
Sample
211022-3tphjaceg2
-
MD5
c61438c62ed2365acf96666d60693f7f
-
SHA1
fb6a583b20018529b1a582aefed72610ebee0e15
-
SHA256
7000ec866763706f0244525b0951606dd9a18f3acfb338b13cc8b4ef437a814f
-
SHA512
9d11669828022f409f68623a3a29343b11b78d3449b099439f23b1b00785209496776dbae5c7dd310af2306bfb673e9e118dd200a82a7146c51ff716ac694c0c
Static task
static1
Behavioral task
behavioral1
Sample
myLadyYou.hta
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
myLadyYou.hta
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
myLadyYou.hta
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Bazar/Team9 Loader payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-