General

  • Target

    doc3002903.64eee5206fb20.HTA

  • Size

    7KB

  • Sample

    230830-hk3zcaac42

  • MD5

    121a870dd7cdd01fc2baa6897d376492

  • SHA1

    3c928e286997daab447e0cfe13988dad9923fd96

  • SHA256

    45992c4d15aa21aa0a6a29bcc306a25cb13b7c6bebe8d5de5f51cd325259b285

  • SHA512

    6af7c9f33eb16986fe14898b7bc2ab57ab3cb2d47d643e744f8f114593f218856318f913bf6c19b8e292b637ab11f8e05b66e04d60732299eca521c754d60066

  • SSDEEP

    96:CBBtt+qmn1Co2sbloaDdEgkud5CZrHh9AYv42JxE827TEXOkHPwAf:CLjcTPOq5EWYv4id27APwAf

Targets

    • Target

      doc3002903.64eee5206fb20.HTA

    • LatentBot

      Modular trojan written in Delphi which has been in the wild since 2013.

    • Downloads MZ/PE file

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
