General

  • Target

    PassKey.txt.lnk

  • Size

    1KB

  • Sample

    230511-s473hsee25

  • MD5

    3ec1d06a11217caf050a4a444358a79e

  • SHA1

    79b08b94fcfdf104a54e092ddc9f403d0cf82574

  • SHA256

    48ab16a93c623eedb907dfbedeede638eb32a29b485304634a8478ec5492a45b

  • SHA512

    d27371773062214e717a4f24845a2d29999eb777e05fafdbc0778060a0bdf04588aaa55391d3631c07d7d9cfd9135a45904db40f9e7f7496cc57e2616ac74b32

Score
10/10

Malware Config

Extracted

  • Language

    hta

  • URLs (hta.dropper)

    https://safe.gunosis.global/8jTzMnnPhNG/krXJ89hg4w/td8F5z9HuU/48UdptUmZE/NHYUKJyMGw/0UUCUmcKJV/1YP1TEEZL1/3Pb0%3D

Targets

    • Target

      PassKey.txt.lnk

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
