76057a9c0a13cee9d91d81699ef404f5356fd6c05dd016d233e4bdf81dc557db

Resubmissions

04-09-2023 19:50

230904-ykc1xsbc28 10

04-09-2023 14:17

04-09-2023 14:17

04-09-2023 14:11

04-09-2023 14:07

Sharing

Copy URL

Twitter E-mail

General

Target

Outlook.lnk.bin
Size

2KB
Sample

230904-rhch2sha58
MD5

f274648730a6b233abe71da363e10d9a
SHA1

2071ec37e2f77994de4549ecb481104881ab0d6a
SHA256

76057a9c0a13cee9d91d81699ef404f5356fd6c05dd016d233e4bdf81dc557db
SHA512

9d26fd4bbdafa0c2864534f433adf5f13c43a064120f90704d437dca5c2b63a6d6ec09fbc872f17351e8c7babfcb7fc4a174e2e8dfca1949647eea04af0e22fa

Score

10^/10

Malware Config

Extracted

Language

hta

Source

URLs

hta.dropper

https://drive.sharedin.store/share/t1.hta

Targets

- Target
  
  Outlook.lnk.bin
- Size
  
  2KB
- MD5
  
  f274648730a6b233abe71da363e10d9a
- SHA1
  
  2071ec37e2f77994de4549ecb481104881ab0d6a
- SHA256
  
  76057a9c0a13cee9d91d81699ef404f5356fd6c05dd016d233e4bdf81dc557db
- SHA512
  
  9d26fd4bbdafa0c2864534f433adf5f13c43a064120f90704d437dca5c2b63a6d6ec09fbc872f17351e8c7babfcb7fc4a174e2e8dfca1949647eea04af0e22fa
Score

10^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Blocklisted process makes network request

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2