880ebf5a3d74cf9781321ae84c77dd49cb27603bfc85a133e3bf940cb1744ac2 | Triage

Sharing

General

Target

880ebf5a3d74cf9781321ae84c77dd49cb27603bfc85a133e3bf940cb1744ac2
Size

4KB
Sample

230208-ep46eshb63
MD5

9547a542f51d896b1ea9dd4f63cebab9
SHA1

d2bd80190c9b9543b6716dd8111cdcb72dd5117b
SHA256

880ebf5a3d74cf9781321ae84c77dd49cb27603bfc85a133e3bf940cb1744ac2
SHA512

b215e2bde0ad3d65c8f592985ef1a888853de9a757f20302eb21fa38693893d57d42a1a6e527b5374b70370285d96850f4f886a41fac41b4927ae0248aae9673
SSDEEP

96:tbGmW4P46auEPwQCFxXYuRy6ojK5/LInSDUkLVWCUxibJFZzJb5ng:zI6qwQVu0rjGLInwVcxibXZlNg

Score

8^/10

Malware Config

Targets

- Target
  
  azienda_35.hta
- Size
  
  6KB
- MD5
  
  6627612314308237e214d6101125bb42
- SHA1
  
  5639b5fd391f0a7a7ea15fffca349f340c352cfe
- SHA256
  
  7cefc61d74c269fe571515a9be34a76b239abed349335a79e60fc923aa619030
- SHA512
  
  b68a08a167cde5b3ad3afac9728de2f5f09c66f5100262fabd87557e0c80228a008d3a9ad98831e58aa9bab90391882a0891243fa1f5af23dc3dff943ebf2923
- SSDEEP
  
  96:wDBFi3MLVTUoPg2pwTEeD4b7KdaO3iOaLt3M8Mn3XTPMJsb0ODcFE+Voq3V4d292:K/U77rIKdn863jMM0OD9+VVF44xikuj
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

BITS Jobs

Privilege Escalation

Defense Evasion

BITS Jobs

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2