3644b387519f3509a1ce3d2201e2e1e8af36217138cc6f9e62d6e37c887097a6 | Triage

Sharing

General

Target

3644b387519f3509a1ce3d2201e2e1e8af36217138cc6f9e62d6e37c887097a6.hta
Size

2KB
Sample

240523-bpx6bsge25
MD5

f754844cfb65838d1dd6b19dde5d835c
SHA1

b3eb677783adc88c8d048898449e04d49f416db6
SHA256

3644b387519f3509a1ce3d2201e2e1e8af36217138cc6f9e62d6e37c887097a6
SHA512

f42f89562b5c0be86dbd04683ee6c30711155acd1239e273da726c2bfedf5d0806c479b7107792c136bff6e97efb8d9145df0c176f499f86f1b7e304a2e3ccdf

Score

8^/10

execution

Malware Config

Targets

- Target
  
  3644b387519f3509a1ce3d2201e2e1e8af36217138cc6f9e62d6e37c887097a6.hta
- Size
  
  2KB
- MD5
  
  f754844cfb65838d1dd6b19dde5d835c
- SHA1
  
  b3eb677783adc88c8d048898449e04d49f416db6
- SHA256
  
  3644b387519f3509a1ce3d2201e2e1e8af36217138cc6f9e62d6e37c887097a6
- SHA512
  
  f42f89562b5c0be86dbd04683ee6c30711155acd1239e273da726c2bfedf5d0806c479b7107792c136bff6e97efb8d9145df0c176f499f86f1b7e304a2e3ccdf
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2