fa34de694982590cf404d1b0d0427f645939a0a54e88a47f2f4f50955401348f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e1299c421d896cbe9ee682702573f04.bin
Size

1KB
Sample

240222-bg1w9ahf5t
MD5

0e1299c421d896cbe9ee682702573f04
SHA1

35efab70e9929bd6aafb757100fe36ce9ed5d434
SHA256

fa34de694982590cf404d1b0d0427f645939a0a54e88a47f2f4f50955401348f
SHA512

760926dc5ea6d460b9a5cf80accf7ee05e7e98e0636d75ac72f6893595a0ecb4e9d46f3094df84db12d457388f826224e642cb29ed9234a936b9efbfbfe282ac

Score

10^/10

Malware Config

Extracted

Language

hta

Source

URLs

hta.dropper

https://brainyworkslogos.com/32

Targets

- Target
  
  0e1299c421d896cbe9ee682702573f04.bin
- Size
  
  1KB
- MD5
  
  0e1299c421d896cbe9ee682702573f04
- SHA1
  
  35efab70e9929bd6aafb757100fe36ce9ed5d434
- SHA256
  
  fa34de694982590cf404d1b0d0427f645939a0a54e88a47f2f4f50955401348f
- SHA512
  
  760926dc5ea6d460b9a5cf80accf7ee05e7e98e0636d75ac72f6893595a0ecb4e9d46f3094df84db12d457388f826224e642cb29ed9234a936b9efbfbfe282ac
Score

10^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2