General

  • Target

    a690bda4ad1bf1c1685a7d8a18d09327284fb0d9e74371f97e7c7ee7c6159efa

  • Size

    69KB

  • Sample

    240226-1ywfjahc94

  • MD5

    9e70b2c0cd92a0127269d2750afa6e5a

  • SHA1

    e35081a7ebf943f49fcc4cf23442daf14dd47614

  • SHA256

    a690bda4ad1bf1c1685a7d8a18d09327284fb0d9e74371f97e7c7ee7c6159efa

  • SHA512

    9256fa305e595add36ac068b4f222ab52cf3775a1508360a24f8cda190f23cf3c43e1b558f2cc609e315b8cfbb952f5b6f34fed2f64194c4c77dceae3f0b4057

  • SSDEEP

    1536:bpEk3hbdlylKsgqopeJBWhZFGkE+cL2NdA8eXZiozeOgXVZKyaZpvyR1kZkJvU+:bCk3hbdlylKsgqopeJBWhZFGkE+cL2Nr

Score
10/10

Malware Config

Extracted

  • Language

    hta

  • Source

  • URLs

    hta.dropper

    http://185.7.214.7/fer/fe2.html

Targets

    • Target

      a690bda4ad1bf1c1685a7d8a18d09327284fb0d9e74371f97e7c7ee7c6159efa

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
