d873e8acacb72ab8a79133141463b0ccb9a17d948da2865d9045c3e22bed7bf0 | Triage

Sharing

General

Target

Comprobante_1296926.HTA
Size

26KB
Sample

230918-tgvdkscg54
MD5

15e5781d66044202528f9f4a5af2eef5
SHA1

1bf79e56761c45850c8ea076590074eda11d3e38
SHA256

d873e8acacb72ab8a79133141463b0ccb9a17d948da2865d9045c3e22bed7bf0
SHA512

3cb0e5f8aa054a75e9ecef34648e83dae9377ef554388f0bbc4a07654e2387f5c94d830eb2c31fd0562b02aad4fb18e231fc2a0d6a12cb529c6d652c74cc9c53
SSDEEP

768:CNnHIy4gnvcVbmDth1WPW95DKRfWh2qduHRd2:CNoyBwqP1W+9IRe/duHRd2

Score

8^/10

Malware Config

Targets

- Target
  
  Comprobante_1296926.HTA
- Size
  
  26KB
- MD5
  
  15e5781d66044202528f9f4a5af2eef5
- SHA1
  
  1bf79e56761c45850c8ea076590074eda11d3e38
- SHA256
  
  d873e8acacb72ab8a79133141463b0ccb9a17d948da2865d9045c3e22bed7bf0
- SHA512
  
  3cb0e5f8aa054a75e9ecef34648e83dae9377ef554388f0bbc4a07654e2387f5c94d830eb2c31fd0562b02aad4fb18e231fc2a0d6a12cb529c6d652c74cc9c53
- SSDEEP
  
  768:CNnHIy4gnvcVbmDth1WPW95DKRfWh2qduHRd2:CNoyBwqP1W+9IRe/duHRd2
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2