General
-
Target
PLOCMR-002 Dane dotyczące dokumentów i towarów.html
-
Size
8KB
-
Sample
240424-2ttltabb76
-
MD5
86816f2832da46166cc3079c4c32a2d6
-
SHA1
a92657644d8dff7c7801eb465ca91e22767998b3
-
SHA256
655f862dff56546606f574d6ca39a4f7dc0d3f5fc22d3f2e3cd3562e7c78a63e
-
SHA512
ef1397d123f72297cd88e8103419ce26cd36860a765b4ec4d18af24140889bdf1d6abf19a60ea35c7a4564bdf751f5ab3224cb42fb5cc72c754f8461bf5fe40f
-
SSDEEP
192:dpkmdGRwpG/WCLAplmr/uxASN8YkGLWIpkkJTTRv:dCmdQwAuWa3N8YkGLuKJv
Static task
static1
Behavioral task
behavioral1
Sample
PLOCMR-002 Dane dotyczące dokumentów i towarów.hta
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
PLOCMR-002 Dane dotyczące dokumentów i towarów.hta
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
PLOCMR-002 Dane dotyczące dokumentów i towarów.html
-
Size
8KB
-
MD5
86816f2832da46166cc3079c4c32a2d6
-
SHA1
a92657644d8dff7c7801eb465ca91e22767998b3
-
SHA256
655f862dff56546606f574d6ca39a4f7dc0d3f5fc22d3f2e3cd3562e7c78a63e
-
SHA512
ef1397d123f72297cd88e8103419ce26cd36860a765b4ec4d18af24140889bdf1d6abf19a60ea35c7a4564bdf751f5ab3224cb42fb5cc72c754f8461bf5fe40f
-
SSDEEP
192:dpkmdGRwpG/WCLAplmr/uxASN8YkGLWIpkkJTTRv:dCmdQwAuWa3N8YkGLuKJv
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-