456b3f9da9adb06a2af3fe8d9bef4d0a53fd3f044df18089ae0bed0fd40e1173 | Triage

Sharing

General

Target

485cc1c7a9bc081a58c176d334b3f2c9
Size

533KB
Sample

240107-h53t3sgefl
MD5

485cc1c7a9bc081a58c176d334b3f2c9
SHA1

aa6138804a5556e5e1f302de46622907985157a0
SHA256

456b3f9da9adb06a2af3fe8d9bef4d0a53fd3f044df18089ae0bed0fd40e1173
SHA512

b970a04842364746edaf59e2f70cdddce832989e60814ecdef515c1b9a21ce13d6d259279944b295a0401d1773bd90deb12210a5cea0a4432124bb8a119356dc
SSDEEP

12288:XUJczMMN8s49EAK/iMMiOSz4C9MJI9EqJafzHr8NA7rFUO:JMMNx49EAK/iMMiOS8C9JVoHoN25UO

Score

10^/10

Malware Config

Extracted

Language

hta

Source

URLs

hta.dropper

https://kamikirim.id/wp-content/themes/gutener/template-parts.txt

Targets

- Target
  
  485cc1c7a9bc081a58c176d334b3f2c9
- Size
  
  533KB
- MD5
  
  485cc1c7a9bc081a58c176d334b3f2c9
- SHA1
  
  aa6138804a5556e5e1f302de46622907985157a0
- SHA256
  
  456b3f9da9adb06a2af3fe8d9bef4d0a53fd3f044df18089ae0bed0fd40e1173
- SHA512
  
  b970a04842364746edaf59e2f70cdddce832989e60814ecdef515c1b9a21ce13d6d259279944b295a0401d1773bd90deb12210a5cea0a4432124bb8a119356dc
- SSDEEP
  
  12288:XUJczMMN8s49EAK/iMMiOSz4C9MJI9EqJafzHr8NA7rFUO:JMMNx49EAK/iMMiOS8C9JVoHoN25UO
Score

10^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2