General

  • Target

    7cbb0d17773f084bfa88dbd62a41b51b02612edeb8eaecc92695db888d56803a

  • Size

    71KB

  • Sample

    241111-vmq4savqap

  • MD5

    967bee3630a1513bf9cacf6092f4df24

  • SHA1

    bb68df100531dbd64e689b2e855ed4f9f36639d6

  • SHA256

    7cbb0d17773f084bfa88dbd62a41b51b02612edeb8eaecc92695db888d56803a

  • SHA512

    8b40f6ee31a6c5a5123122b2ef978c0fd2f26d4b7216137505bbfd97a4d356e82bcb4d8de6713cbe87a2aa454f5a54a454641f6a481df372c47e3b0a1957bfdd

  • SSDEEP

    1536:bpEk3hbdlylKsgqopeJBWhZFGkE+cL2NdA8eXZiozeOgXVZKyaZpvyR1kZkJvU+:bCk3hbdlylKsgqopeJBWhZFGkE+cL2Nr

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

http://185.7.214.7/fer/fe2.html

Targets

    • Target

      7cbb0d17773f084bfa88dbd62a41b51b02612edeb8eaecc92695db888d56803a

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
