General

  • Target

    32a98d1b299d1feebb096cdeb38433013b7db6adf5d9923b539390d777bfac3f.lnk

  • Size

    2KB

  • Sample

    241228-cnjrzstrcl

  • MD5

    0306addb386436ae663da152bee03226

  • SHA1

    0c35bff3dafec0f21436b6db025a24e0102ce7b7

  • SHA256

    32a98d1b299d1feebb096cdeb38433013b7db6adf5d9923b539390d777bfac3f

  • SHA512

    b5508d380b65cc364d378f1ea69d33b9f4eed2f45b9cd48a4b13cd51e97d7e77eccf81516eca2b14229bfda80d05277693a03093ea7f553db88c78946bc718f7

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

https://150.241.97.10/aaa.mp4

Targets

    • Target

      32a98d1b299d1feebb096cdeb38433013b7db6adf5d9923b539390d777bfac3f.lnk

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
