9c0e1d6757b3d880418d1aacaebde1afa1412c3b180113343dd106726635da42 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

azienda_06.hta
Size

6KB
Sample

230207-mq39hsbb39
MD5

44b177b19558678908e630d8b8417a42
SHA1

29a8811b5c4ccb565c1064030ffcd9ca0937a938
SHA256

9c0e1d6757b3d880418d1aacaebde1afa1412c3b180113343dd106726635da42
SHA512

f0face3ad274e54e65f8d7b725e0afbe78f361647bdd825e258da9c17d1ff3a342d5b01a20b8b557e67a82f408ecfedc53649df7ab6abae237ad0646a3dbbdd4
SSDEEP

96:wY7LVTUoPg2pwTEeD4b7KdaO3iOaLt3M8Mn3XTPMJsb0ODcFE+Voq3V4dh96rK9B:nU77rIKdn863jMM0OD9+VVF4nx4kuE

Score

8^/10

Malware Config

Targets

- Target
  
  azienda_06.hta
- Size
  
  6KB
- MD5
  
  44b177b19558678908e630d8b8417a42
- SHA1
  
  29a8811b5c4ccb565c1064030ffcd9ca0937a938
- SHA256
  
  9c0e1d6757b3d880418d1aacaebde1afa1412c3b180113343dd106726635da42
- SHA512
  
  f0face3ad274e54e65f8d7b725e0afbe78f361647bdd825e258da9c17d1ff3a342d5b01a20b8b557e67a82f408ecfedc53649df7ab6abae237ad0646a3dbbdd4
- SSDEEP
  
  96:wY7LVTUoPg2pwTEeD4b7KdaO3iOaLt3M8Mn3XTPMJsb0ODcFE+Voq3V4dh96rK9B:nU77rIKdn863jMM0OD9+VVF4nx4kuE
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

BITS Jobs

Privilege Escalation

Defense Evasion

BITS Jobs

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2