General
-
Target
d14458e804f08365d6b0ec741aedebd2.hta
-
Size
29KB
-
Sample
240922-w3tqaatamk
-
MD5
d14458e804f08365d6b0ec741aedebd2
-
SHA1
ae78a964640ea3b17352f7639bf1dba97d903f5e
-
SHA256
bc9977572b8ff171c0416afb3c1ee3b719a2598a704aa93832411b04bccdc31c
-
SHA512
66971f943e7c9df89e9b021ecd7372cbbc721683685bd829312d2e8d9511a67d961cc106d0f89503630360e96133f0c7b9c5a19af3ec3177c83a1649d71dea73
-
SSDEEP
384:OeiNYnl3Q/2irLwQbyACD1Ja7dnK2StQHonsfUD2O3Al3l0YKxAVi/a:n3Q/T/weyanKfnn4s2O3Al3lqx9S
Static task
static1
Behavioral task
behavioral1
Sample
d14458e804f08365d6b0ec741aedebd2.hta
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d14458e804f08365d6b0ec741aedebd2.hta
Resource
win10v2004-20240802-en
Malware Config
Extracted
metasploit
windows/download_exec
http://192.168.180.12:7810/BKje
Targets
-
Target
d14458e804f08365d6b0ec741aedebd2.hta
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-