General

  • Target

    3fdfa5a3f1a775a9ef22ca81ff29a8881a651d49c1574b3eb417e50c97f9b829

  • Size

    70KB

  • Sample

    241111-vv6jfasdjr

  • MD5

    86e28b82efc989908a1861045bf3b2e5

  • SHA1

    1fd4011eea272581c09d3dee7986a6eb27d875fc

  • SHA256

    3fdfa5a3f1a775a9ef22ca81ff29a8881a651d49c1574b3eb417e50c97f9b829

  • SHA512

    bee38d3ade579b2f1ccee981292ec7885fcdba32cb24f76ceb887c14c8237221f51e4802cb3da0c1ac6499b365f64b4a939323ed0154d06ee6acf0ef386b8ddb

  • SSDEEP

    1536:bpEk3hbdlylKsgqopeJBWhZFGkE+cL2NdA8eXZiozeOgXVZKyaZpvyR1kZkJvU+:bCk3hbdlylKsgqopeJBWhZFGkE+cL2Nr

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

http://185.7.214.7/fer/fe2.html

Targets

    • Target

      3fdfa5a3f1a775a9ef22ca81ff29a8881a651d49c1574b3eb417e50c97f9b829

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
