27f82b4e513263433150138fea66f9bf9ca68e434c8990dbffe52be4c5234735 | Triage

Sharing

General

Target

RunHTA-1.bat
Size

89B
Sample

230418-sd87wscb76
MD5

9304eec826823da19c2702f736b7c2a7
SHA1

ad2bf9c087d38b3e9aee7099c2629c792f08bf0f
SHA256

27f82b4e513263433150138fea66f9bf9ca68e434c8990dbffe52be4c5234735
SHA512

06e41cb17a5616e36ef7f7620f09f8b5f1729e0053307f38be728bf9827f28620c868bc4e5ac614af67b57ae3bdccd31e09db6778a1fa808880584789afb9514

Score

10^/10

Malware Config

Extracted

Language

hta

Source

URLs

hta.dropper

https://deck.31ventures.info/QKUh2zHgeC4/cvlw4kykmB/KANCcmwLIz/wYBfGR5XFn/_ED

Targets

- Target
  
  RunHTA-1.bat
- Size
  
  89B
- MD5
  
  9304eec826823da19c2702f736b7c2a7
- SHA1
  
  ad2bf9c087d38b3e9aee7099c2629c792f08bf0f
- SHA256
  
  27f82b4e513263433150138fea66f9bf9ca68e434c8990dbffe52be4c5234735
- SHA512
  
  06e41cb17a5616e36ef7f7620f09f8b5f1729e0053307f38be728bf9827f28620c868bc4e5ac614af67b57ae3bdccd31e09db6778a1fa808880584789afb9514
Score

10^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2