General

  • Target

    57d8f7819906858cfe4e833aef1ae851437228274043174687cd4c263c0e4b29

  • Size

    61KB

  • Sample

    241111-vtbbxa1mhv

  • MD5

    f49b74be8e8fd91bed834e2992af2e93

  • SHA1

    e95194411941c0b729c87ae71e40740e6d178115

  • SHA256

    57d8f7819906858cfe4e833aef1ae851437228274043174687cd4c263c0e4b29

  • SHA512

    e93d197e004e6b6a5180beb9b1d8db765588956722a56f385d8cf447b5e4024dc960687e999e32dd176bb86d73ab2d4a87b85d555592bfaeea30b7cf4d47d9ba

  • SSDEEP

    1536:8URk3hbdlylKsgqopeJBWhZFGkE+cL2NdAKNzMk9B+oo1zMk9A+oos:8Mk3hbdlylKsgqopeJBWhZFGkE+cL2N0

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

http://87.251.86.178/pp/cc.html

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
