General

  • Target

    ed8c04a3e2d95d5ad8e2327a56d221715f06ed84eb9dc44ff86acff4076629d7

  • Size

    1KB

  • Sample

    240410-jwa85sgh57

  • MD5

    4615e0986a5f3262db6fbe3676f4440d

  • SHA1

    1c5fc600ddb5ef0ba6eda0c4baee8198f4448cc4

  • SHA256

    ed8c04a3e2d95d5ad8e2327a56d221715f06ed84eb9dc44ff86acff4076629d7

  • SHA512

    7e480663b790f76881d8ea9e0bf197de396f3abf67c0783f3732dab92d4a11d6b6a5039e3f493bb9b3599a273af0851183d7efcf60a8fef1dd648506a638c8fb

Score
10/10

Malware Config

Extracted

  • Language

    hta

  • Source

  • URLs

    hta.dropper

    https://tpp.tj/T/sys.hta

Targets

    • Target

      ed8c04a3e2d95d5ad8e2327a56d221715f06ed84eb9dc44ff86acff4076629d7

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
