General

  • Target

    ff98902753abefb76884fc6fa5fa34f389b215ad9a447bf434624f097f12ad57.hta

  • Size

    207KB

  • Sample

    241114-dxc68stgjd

  • MD5

    a9cf15c4f82d5c26f48f4a16dfe7bd1a

  • SHA1

    f7f0b669264b0a42b290cb5476e21ffa51eebf34

  • SHA256

    ff98902753abefb76884fc6fa5fa34f389b215ad9a447bf434624f097f12ad57

  • SHA512

    5a5f5e6d18a776646328ce85e59f12424f1fb8c2612d1299db7bc378177be369bb6e391488b02d40a682c37857bcf0576d415534c5aba4796f46c39ea5b21d2c

  • SSDEEP

    48:4FhWsTR/F7gNqXfkz0eZC0yZhboWWCRzESPUJ0cv5p299DdCf+xuj9AoapwSI0t7:43F97AIyCRRtnu4fAf+cZAoaDna8YQ

Targets

    • Target

      ff98902753abefb76884fc6fa5fa34f389b215ad9a447bf434624f097f12ad57.hta

    • Blocklisted process makes network request

    • Evasion via Device Credential Deployment

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
