2d76ec94e8679b9c9d2eb0f0819c9a6d42ba9bcfa423416885dfc2b933735987 | Triage

Resubmissions

23-01-2024 09:55

240123-lx88nsaaf2 8

22-01-2024 16:15

240122-tqdr7aahc3 8

Sharing

General

Target

2d76ec94e8679b9c9d2eb0f0819c9a6d42ba9bcfa423416885dfc2b933735987.hta.danger
Size

7KB
Sample

240122-tqdr7aahc3
MD5

f3ab9f8fe8995462c3245f10ed76ae4f
SHA1

6aa8e54760bcc9aa7402e75d7cb33011e0673f7f
SHA256

2d76ec94e8679b9c9d2eb0f0819c9a6d42ba9bcfa423416885dfc2b933735987
SHA512

68d097848803e6c9f009ee41da373b5ce1136e40c750c0c704a137ca1a11bd483dc1f06089e9eb9310b47ee7232ac6bc8ad6c302bbe064765f266efef579848b
SSDEEP

192:CzHyJ1AwYaKyJ0VmW98+n6z39EPHzyKQSOOUHdLqmTlphHBLmBdexU+4ur6kUjRd:CzyJ1pROT

Score

8^/10

Malware Config

Targets

- Target
  
  2d76ec94e8679b9c9d2eb0f0819c9a6d42ba9bcfa423416885dfc2b933735987.hta.danger
- Size
  
  7KB
- MD5
  
  f3ab9f8fe8995462c3245f10ed76ae4f
- SHA1
  
  6aa8e54760bcc9aa7402e75d7cb33011e0673f7f
- SHA256
  
  2d76ec94e8679b9c9d2eb0f0819c9a6d42ba9bcfa423416885dfc2b933735987
- SHA512
  
  68d097848803e6c9f009ee41da373b5ce1136e40c750c0c704a137ca1a11bd483dc1f06089e9eb9310b47ee7232ac6bc8ad6c302bbe064765f266efef579848b
- SSDEEP
  
  192:CzHyJ1AwYaKyJ0VmW98+n6z39EPHzyKQSOOUHdLqmTlphHBLmBdexU+4ur6kUjRd:CzyJ1pROT
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2