hxxps://portaal[.]com[.]my/

General

Target

https://portaal.com.my/
Sample

250219-hhm54szmcn

Score

10^/10

Malware Config

Extracted

Language

hta

Source

URLs

hta.dropper

https://portaal.com.my/recaptcha-verify

Extracted

Language

hta

Source

URLs

hta.dropper

https://portaal.com.my/recaptcha-verify

Targets

- Target
  
  https://portaal.com.my/
Score

10^/10

google discovery phishing
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Detected potential entity reuse from brand GOOGLE.
  phishing google
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

3

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Blocklisted process makes network request

Checks computer location settings

Detected potential entity reuse from brand GOOGLE.

MITRE ATT&CK Enterprise v15

Tasks

static1

urlscan1

behavioral1

behavioral2

behavioral3