Another Malicious HTA File Analysis – Part 3, (Sun, May 21st) – Cyber Safe NV
Tags
country: United States Of America
attack-pattern: Data Powershell - T1059.001 Tool - T1588.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 9112f6e5-30c1-4d63-b167-038a4fa15a44
Fingerprint 26512199871e077e
Analysis status DONE
Considered CTI value 0
Text language
Published May 21, 2023, 8:35 p.m.
Added to db May 22, 2023, 12:18 a.m.
Last updated Nov. 17, 2024, 6:30 p.m.
Headline Another Malicious HTA File Analysis – Part 3, (Sun, May 21st)
Title Another Malicious HTA File Analysis – Part 3, (Sun, May 21st) – Cyber Safe NV
Detected Hints/Tags/Attributes 19/2/14
Source URLs
Redirection Url
Details Source https://cybersafenv.org/2023/05/21/another-malicious-hta-file-analysis-part-3-sun-may-21st/
URL Provider
Details Provider Source level domain
Details cybersafenv.org cybersafenv.org
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 19 
base64dump.py
Details Domain 71 
aes.new
Details Domain 2 
myjson-transform.py
Details Domain 1 
decrypt-2.py
Details Domain 8 
pecheck.py
Details Domain 74 
blog.didierstevens.com
Details Domain 425 
isc.sans.edu
Details File 18 
base64dump.py
Details File 2 
myjson-transform.py
Details File 1 
decrypt-2.py
Details File 8 
pecheck.py
Details sha256 1 
5c5f55987a79e29a3bc46aeeb78209331d6cdbb4d1dde7f24a0b41ae51b5de8f
Details sha256 1 
5f5b1e4a6cb96f0611a8374e504cee8ceb7dc59dedf0f4059fd93dcd8315699c
Details Url 33 
https://isc.sans.edu