General
-
Target
niceidea.hta
-
Size
154KB
-
Sample
241128-g11y9avkfm
-
MD5
586dc2855cbce16da2db1a5840694321
-
SHA1
aa92aefd6a9f95dc8e38f4d3b406cf506df9335b
-
SHA256
4aa454e445cc37d965867da8c17b921cf031045b8ecb90dc1884522a794d32f4
-
SHA512
53685b59faf9cff6d5cc4d07d7cda09e384a412ce79c5fb11fd48d815005cc60bf56d944a0fde3c1c274e5565f2ff4385db6e2fa1461a3e7b8f0e446d4558779
-
SSDEEP
96:4owZw9d6yfaKPQEoXRUn+VO+ehLGOToQPU6ghhiXB3zn+/edxCUMIqh2SCw2QKSs:4LwSiolYyrk3DwQ
Static task
static1
Behavioral task
behavioral1
Sample
niceidea.hta
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
niceidea.hta
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
niceidea.hta
-
Score
8/10
-
Blocklisted process makes network request
-
Evasion via Device Credential Deployment
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-