Potential Targeted Attack Uses AutoHotkey and Excel
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004
Show in Graph
Common Information
Type Value
UUID 25ac7d5d-6187-4abe-a87e-5f4ccc3f8de7
Fingerprint 8462b82a2d7ea28e
Analysis status DONE
Considered CTI value 2
Text language
Published April 17, 2019, midnight
Added to db Oct. 15, 2024, 6:39 p.m.
Last updated Oct. 15, 2024, 10:12 p.m.
Headline Potential Targeted Attack Uses AutoHotkey and Excel
Title Potential Targeted Attack Uses AutoHotkey and Excel
Detected Hints/Tags/Attributes 35/2/10
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/en_fi/research/19/d/potential-targeted-attack-uses-autohotkey-and-malicious-script-embedded-in-excel-file-to-avoid-detection.html
Details Source https://www.trendmicro.com/en_in/research/19/d/potential-targeted-attack-uses-autohotkey-and-malicious-script-embedded-in-excel-file-to-avoid-detection.html
Details Source https://www.trendmicro.com/en_my/research/19/d/potential-targeted-attack-uses-autohotkey-and-malicious-script-embedded-in-excel-file-to-avoid-detection.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Attributes
Details Type #Events CTI Value
Details File 2 
financing.xlsm
Details File 1 
c:\programdata\autohotkeyu32.exe
Details File 2 
autohotkeyu32.exe
Details sha256 1 
efe51c2453821310c7a34dca3054021d0f6d453b7133c381d75e3140901efd12
Details sha256 1 
43fbda74a65668333727c6512562db4f9e712cf1d5ad9dca8f06ae51bb937ba2
Details sha256 1 
acb3181d0408c908b2a434fc004bf24fb766d4cf68bf2978bc5653022f9f20be
Details sha256 1 
be6c6b0942ad441953b0ed0c4327b9ded8a94e836eaca070aca3988badb31858
Details sha256 1 
f64792324839f660b9bdfda95501a568c076641cf08ce63c1ddbe29b45623ac0
Details IPv4 1 
185.70.186.145
Details Url 1 
http://185.70.186.145/7773/plug/hscreen.ahk