1ce92a8714ccc3a3cdba2a9460c080c9ebf24b9f808e360802fe1a01b1aa3087 | Triage

Sharing

General

Target

ϜΑCͲURA -7600547.hta
Size

1KB
Sample

240502-ynrcqagf39
MD5

79f04741ac22fe43e0ff2ec5179850a5
SHA1

a7b438af2da4ca5bfb8c565d52dbc239399289dc
SHA256

1ce92a8714ccc3a3cdba2a9460c080c9ebf24b9f808e360802fe1a01b1aa3087
SHA512

4fd251eea977508394414062db4ea331bc05ff855e82eae98e16acb42575bba4cd01072e7f55933a0dcfee34330fd5cdbd4b9b52101f1fd58f3a3454d14db606

Score

8^/10

Malware Config

Targets

- Target
  
  ϜΑCͲURA -7600547.hta
- Size
  
  1KB
- MD5
  
  79f04741ac22fe43e0ff2ec5179850a5
- SHA1
  
  a7b438af2da4ca5bfb8c565d52dbc239399289dc
- SHA256
  
  1ce92a8714ccc3a3cdba2a9460c080c9ebf24b9f808e360802fe1a01b1aa3087
- SHA512
  
  4fd251eea977508394414062db4ea331bc05ff855e82eae98e16acb42575bba4cd01072e7f55933a0dcfee34330fd5cdbd4b9b52101f1fd58f3a3454d14db606
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2