General
Target: 6320c823373c9d7e46a0b07d3cf9182077591c62add5f7417490531f70467681.lnk
Size: 1KB
Sample: 240523-bzq5rsha68
MD5: 4f3d62489ec58662e1acd166b626631f
SHA1: 49d5d56e0d26f4be7591b92ca543c759aeb45b2a
SHA256: 6320c823373c9d7e46a0b07d3cf9182077591c62add5f7417490531f70467681
SHA512: 8064c7c760d491816bebd97d0417a78f2b5ba63e95ed3bbbb5f0ca9ed6c6a63f556e8ce8fdb05625f0f4c955973580a5a7d07d72d22da3b60d7ef12b88144883
Static task: static1
Behavioral task: behavioral1
Sample: 6320c823373c9d7e46a0b07d3cf9182077591c62add5f7417490531f70467681.lnk
Resource: win7-20240220-en
Malware Config
Extracted
https://foundationforwomenshealth.com/rooming.hta
Targets
Target: 6320c823373c9d7e46a0b07d3cf9182077591c62add5f7417490531f70467681.lnk
Blocklisted process makes network request
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.