General

  • Target

    launcher-upd.hta

  • Size

    1.2MB

  • Sample

    230718-2sxl3sfb5t

  • MD5

    bc6bd8557ab4a4baff1148ec1fb13c69

  • SHA1

    0e4bfe570846da042b91c6d8950f9982afb2e4a4

  • SHA256

    234cb82d84ba923f911d3c0632018c008a7a52cbba0fd1069856712604e7410a

  • SHA512

    721636ad8beb0b0141fb1d29e66343b9629965b223b32c967a928c7315bcbed952c9ac8a1ae73f2e5037c6f2b61e2781fa677240e6b9d2df960adb5e1eaa82ad

  • SSDEEP

    3072:VBXTmNrVumk1LwKFmayb0gpHtdHp2CTX1UB4towRW:VtTOJuZcKYaVGzH3TXeB4tQ

Score
10/10

Targets

    • Target

      launcher-upd.hta

    • NetSupport

      NetSupport is a remote access tool sold as legitimate system administration software.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
