General
-
Target
8022b173111766352a7a3c42480505eba6391a170950505a9d539a9fcf4f2ab3.hta
-
Size
7KB
-
Sample
240531-bscc2ahg8s
-
MD5
4e99f0feadde2839ac462ed6916bfd07
-
SHA1
1830781cc5f224a68b64bc96d93f10b59b7122b7
-
SHA256
8022b173111766352a7a3c42480505eba6391a170950505a9d539a9fcf4f2ab3
-
SHA512
a189491fcacfc9eaecb1c31d706f77b3b6d96ab0d0079e60e7b01bdcba67b0a7b0ebf415e708276212875d479847b00ee2a7aaf40865dc73b3cda64a83d8dd1e
-
SSDEEP
192:8n2jh1hqT2dcgE65MfDnQ8BQb1STDaIsF6hd9d:8n2jh1hsYsXQehT+Mhd9d
Static task
static1
Behavioral task
behavioral1
Sample
8022b173111766352a7a3c42480505eba6391a170950505a9d539a9fcf4f2ab3.hta
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8022b173111766352a7a3c42480505eba6391a170950505a9d539a9fcf4f2ab3.hta
Resource
win10v2004-20240426-en
Malware Config
Extracted
metasploit
windows/reverse_tcp
1.14.247.162:40001
Targets
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-