70b5306a7ac68e2b07177f5a7d398013f4d1d67d7508f3b64e9eb3f1cace50d4 | Triage

Sharing

General

Target

420-23015-24_10.10.2024.rar
Size

5KB
Sample

241017-tpps3atepg
MD5

f3ce32c2f70119f51e48967a6e5f77ec
SHA1

ee6d8a998e9b1fec9c8deba63198dad8dca509ef
SHA256

70b5306a7ac68e2b07177f5a7d398013f4d1d67d7508f3b64e9eb3f1cace50d4
SHA512

72999df63d1f239a381e806c695c216cb97251385e3a064d7a740b5ed14555cf3b31fa2d395674ca7dbae42917a7be82c880cee179384b243753c761a69d8fa9
SSDEEP

96:lCZ/4IaciK5hJ2cLEHc104mqHq8H8eurQK915C8UVe/29ROqx9E9zazCBEl:l6v57J2wEHci4mqHqzFrDX5KVLS+zX

Score

10^/10

discovery

Malware Config

Extracted

Language

hta

Source

URLs

hta.dropper

https://tent-highly-constant-euro.trycloudflare.com/HZ/relate/base.epub

Targets

- Target
  
  420-23015-24_від_10.10.2024/420-23015-24_від_10.10.2024.pdf
- Size
  
  8KB
- MD5
  
  a60099eacbec024584b46b7fbc9bf7ae
- SHA1
  
  8f974bda924571f5b3a7c6c53f82facd200cb6dd
- SHA256
  
  c0881315d785f5045791c1511e5ce4336492227f94e7b049ebd521df80ae5f98
- SHA512
  
  02d2a99b8277cd724c1677245e1eb30f8772de4248a1102da6ca76056f5da7822e751c23a62ead9f196de80becac8a1e01a1d11d46f43ce2b87bd54739aeb19f
- SSDEEP
  
  96:ey9TfgBTG3Xpe54KMesK4YUI3p5bXkxkMSL+RekxkMSLp2ejhO2ejhO2ejhO2ej+:39riG3XY5/sgUex1dbfAfAfAfA9WhVze
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  420-23015-24_від_10.10.2024/Повістка про виклик до суду в адміністративній справі (у підготовчому судовому засіданні).hta
- Size
  
  498B
- MD5
  
  458c0be42e9713a6c8210964e7c1e293
- SHA1
  
  2b0183263f6d7071a02396644947869f4fc159aa
- SHA256
  
  eaaa84f9d583a55e6ab670690763af007e65382f72ac18b46a58aa3c8c163174
- SHA512
  
  9293327437e3a14ce3d134b9c508846430ffa10f1eba7252ac8daa9095741197a2b51ee615ca100906db76b3f280fcc905be2f0a045ab9659cbdcc35aaa89508
Score

10^/10

discovery
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4