a08868f1a8ed16d22d8d9cedca4ff215d4243ce1b965a4108b48fb92e251ea96 | Triage

Sharing

General

Target

Notificaciones_11102023_ff6y2TM.HTA
Size

43KB
Sample

231011-sasqqsgc69
MD5

13dabc0b7f1d85bf2d23521bd1bde8ef
SHA1

4c7199570a0379ed28b36387c3b6aa3d98b1942f
SHA256

a08868f1a8ed16d22d8d9cedca4ff215d4243ce1b965a4108b48fb92e251ea96
SHA512

1fc39284ac013e9d4b3656d091de7e9396b7b0b12d854dce608570d8251b4349db7c3a1397469828e3f0ad6e298d0a03eba4262158dd5f82cf362928603dab01
SSDEEP

768:CYQAOZpYKvz3L/bQO3+kVn/Sk8LZesgZQAOZpYKvz3L/bQO3+kVn/Sk8LZesgw:CYQAO4ELr+wSkTLZQAO4ELr+wSkTLw

Score

8^/10

Malware Config

Targets

- Target
  
  Notificaciones_11102023_ff6y2TM.HTA
- Size
  
  43KB
- MD5
  
  13dabc0b7f1d85bf2d23521bd1bde8ef
- SHA1
  
  4c7199570a0379ed28b36387c3b6aa3d98b1942f
- SHA256
  
  a08868f1a8ed16d22d8d9cedca4ff215d4243ce1b965a4108b48fb92e251ea96
- SHA512
  
  1fc39284ac013e9d4b3656d091de7e9396b7b0b12d854dce608570d8251b4349db7c3a1397469828e3f0ad6e298d0a03eba4262158dd5f82cf362928603dab01
- SSDEEP
  
  768:CYQAOZpYKvz3L/bQO3+kVn/Sk8LZesgZQAOZpYKvz3L/bQO3+kVn/Sk8LZesgw:CYQAO4ELr+wSkTLZQAO4ELr+wSkTLw
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2