General
Target: fec5bb957bff39fc9d32793d5485483eb901a6a1356e6a25138ae1bb8089d7f7.hta
Size: 24KB
Sample: 240625-cgcebsvdna
MD5: 1234960c4d927466cfbb9897c4af1d0e
SHA1: eb834e095dff7f5f1d2a48d5268495d15cb183d3
SHA256: fec5bb957bff39fc9d32793d5485483eb901a6a1356e6a25138ae1bb8089d7f7
SHA512: 6f353bdf144dbdd20974445c334833197349da4fc91b6bb0c03c486abdbeefe98db80219b1367fc9fe471f30e8a465e37fa23d62e619108a434228006b8f2806
SSDEEP: 768:rFcEgWIfttLKWs1v9erzdu48Ab5wQY+y4rBL1JPWUzmP:ZcEEfXL7snet8Ab5YCBTcP
Static task: static1
Behavioral task: behavioral1
Sample: fec5bb957bff39fc9d32793d5485483eb901a6a1356e6a25138ae1bb8089d7f7.hta
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: fec5bb957bff39fc9d32793d5485483eb901a6a1356e6a25138ae1bb8089d7f7.hta
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: fec5bb957bff39fc9d32793d5485483eb901a6a1356e6a25138ae1bb8089d7f7.hta
Score: 10/10
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext