General

  • Target

    fuck_niggers_8.hta

  • Size

    47KB

  • Sample

    230630-py6eyscc52

  • MD5

    f540c1239b6be3493bcf0b37eadec775

  • SHA1

    c7964aa243408c4721203fbe387476d59a2255d9

  • SHA256

    a53d92946047621132de3c9469b18a297f557d6a1b8588fd93c107cee7f0a572

  • SHA512

    54757a9538c0ff4120fb68b73a265fbcb987260c869ec2e8945715353c3f5a8a0558e2a937698c67951ff795704b26f4f4042c1dd77c2408aa20451c90e6df32

  • SSDEEP

    768:YPEpxUkObj6fpPJxUWPePmeTe5WKb1eAYFel22GBRIekYWX9Oe5LAopD2Tn80RH5:YPEpxUkObj6fpPJxUWPePmeTe5WKb1el

Score
8/10

Targets

    • Target

      fuck_niggers_8.hta

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory
