General
-
Target
14cff907c52f3c8efc51e1775fca708be95910b3488107d5be4e0b2cd5bcaaa3.hta
-
Size
7KB
-
Sample
240531-beqnhaab39
-
MD5
bce1078c57268ef42732dc651d2049c9
-
SHA1
e3df7d0b57e1a98c7614765abb51cf80f8b0c703
-
SHA256
14cff907c52f3c8efc51e1775fca708be95910b3488107d5be4e0b2cd5bcaaa3
-
SHA512
2c2d3569955489efe9c0c2b1f421bfab215bb0a36cb53002328bb4c2437f9731b853fa2db4ee74b98c6e7140c5ecac7f4e1bad86ba5af448f2c9b7f7cc657250
-
SSDEEP
192:Un2jh1hqT2Rxq0rNMP/9urq9oUSx8F6Nh3p3k2Zp2dHhxd:Un2jh1hscQ0rg0G9oUSU6NzDQdHhxd
Static task
static1
Behavioral task
behavioral1
Sample
14cff907c52f3c8efc51e1775fca708be95910b3488107d5be4e0b2cd5bcaaa3.hta
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
14cff907c52f3c8efc51e1775fca708be95910b3488107d5be4e0b2cd5bcaaa3.hta
Resource
win10v2004-20240426-en
Malware Config
Extracted
metasploit
windows/shell_bind_tcp
Targets
-
-
Target
14cff907c52f3c8efc51e1775fca708be95910b3488107d5be4e0b2cd5bcaaa3.hta
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-