General

  • Target

    6086f319caf204ec965aac6797ced062b71bec0f46722100b782fa3bfc31d9bd.lnk

  • Size

    1KB

  • Sample

    240316-cwes1abd95

  • MD5

    90a6eed71981efdcdbc0c8c0151cfb0e

  • SHA1

    c21e13a29ad18e73b88eddec919b85925a95952a

  • SHA256

    6086f319caf204ec965aac6797ced062b71bec0f46722100b782fa3bfc31d9bd

  • SHA512

    fa7b96a7e404dc187d43f04ccd55637a959fbb7950d6b69e80539b4026cfd62460a74330dadb2a8e1578ddf0b87f31a4c8bac6451bd57130aa90f5a5bce77bbd

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

http://89.23.98.210/qqeng

Targets

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
