General

  • Target

    faae949a7d2f32b0ae09b23d53d602dac380db26541952755c920773e46f8bcd.hta

  • Size

    207KB

  • Sample

    241114-dwjydstfrc

  • MD5

    6e8e497a9ab2be601520a182073419f1

  • SHA1

    1f66efaeed5492931779fa941b1a67967f9c0ee2

  • SHA256

    faae949a7d2f32b0ae09b23d53d602dac380db26541952755c920773e46f8bcd

  • SHA512

    73b1035d2975aea8dc579a307fce7f2c15b1a240063dbfdb5b13e01571a5f188c25dc6f8ad9ed300e87c760ce1a2f0e6098f1cfb199ae03e28e9476766466895

  • SSDEEP

    96:43F97KoUXZbhIoUXZzhoZx79f+hs6oByayqoUXZSoUXZ4hMoUXZrQ:43F1NaZRaZKT9+7CyaytaZVaZ8aZrQ

Targets

    • Target

      faae949a7d2f32b0ae09b23d53d602dac380db26541952755c920773e46f8bcd.hta

    • Blocklisted process makes network request

    • Evasion via Device Credential Deployment

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
