Resubmissions

21-11-2024 10:04

241121-l33m3svrdk 10

13-11-2024 08:57

241113-kwpbfayjb1 10

General

  • Target

    44660a8ee9588624a610e54463d3ffbce1bf235482a1e88dd2d376a5fb74edbb

  • Size

    2KB

  • Sample

    241121-l33m3svrdk

  • MD5

    353943828023a63279b82cd395e0801b

  • SHA1

    621c1087e5bd6b1b7eee1fa018c781644ee8f932

  • SHA256

    44660a8ee9588624a610e54463d3ffbce1bf235482a1e88dd2d376a5fb74edbb

  • SHA512

    6ea2765098d77d119f98f3c8613829b897f6da1c0fa26458a175d07a15b6cb425be3f0d4ada6fe3f24e680eeeec098b1472e66216a802862240a6b8dfa9983af

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

https://x2trump.com/x1.hta

Targets

    • Target

      44660a8ee9588624a610e54463d3ffbce1bf235482a1e88dd2d376a5fb74edbb

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
